securityaffairs.com Open in urlscan Pro
2606:4700:3031::6815:90b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Submission: On April 20 via api (April 20th 2023, 2:12:52 pm UTC) from TR — Scanned from DE

Summary HTTP 162 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 25 IPs in 7 countries across 24 domains to perform 162 HTTP transactions. The main IP is 2606:4700:3031::6815:90b, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityaffairs.com.
TLS certificate: Issued by GTS CA 1P5 on February 24th 2023. Valid for: 3 months.

This is the only time securityaffairs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	2606:4700:303... 2606:4700:3031::6815:90b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	13.32.99.34 13.32.99.34	16509 (AMAZON-02) (AMAZON-02)
6	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
18	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:245... 2600:9000:2451:1600:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.121.88.215 3.121.88.215	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4 6	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
14	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3 3	3.120.144.155 3.120.144.155	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
3 3	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:16d8:7090:a613:b3d4	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
162	25

42 2606:4700:3031::6815:90b (United States)

ASN13335 (CLOUDFLARENET, US)

securityaffairs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-34.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2451:1600:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.88.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-88-215.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.144.155 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-144-155.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.24 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States) 3 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:16d8:7090:a613:b3d4 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	securityaffairs.com securityaffairs.com	935 KB
36	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	614 KB
32	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	151 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	159 KB
10	google.com 4 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2930 adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
8	wp.com i0.wp.com — Cisco Umbrella Rank: 4167 stats.wp.com — Cisco Umbrella Rank: 3510 pixel.wp.com — Cisco Umbrella Rank: 2908	359 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	5 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	195 KB
4	google.de www.google.de — Cisco Umbrella Rank: 3425 adservice.google.de — Cisco Umbrella Rank: 5261	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	281 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 1037	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	2 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 5368 buttons-config.sharethis.com — Cisco Umbrella Rank: 6788 l.sharethis.com — Cisco Umbrella Rank: 5697	46 KB
2	ctnsnet.com 2 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 12051	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 908	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1020	945 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1886	350 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1223	761 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 744	932 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2258	297 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 447	460 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1718	54 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	608 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2802	1 KB
162	24

	Domain	Requested by
42	securityaffairs.com	securityaffairs.com
22	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
14	cm.g.doubleclick.net	googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	securityaffairs.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
7	fonts.googleapis.com	securityaffairs.com googleads.g.doubleclick.net
6	www.google.com	4 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	i0.wp.com	securityaffairs.com
5	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagservices.com	googleads.g.doubleclick.net
4	www.googletagmanager.com	securityaffairs.com www.googletagmanager.com
3	image6.pubmatic.com	3 redirects
3	x.bidswitch.net	3 redirects
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	ius.ctnsnet.com	2 redirects
2	c1.adform.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	pixel.wp.com	securityaffairs.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	securityaffairs.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	secure.gravatar.com	securityaffairs.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	stats.wp.com	securityaffairs.com
1	platform-api.sharethis.com	securityaffairs.com
162	35

This site contains links to these domains. Also see Links.

Domain
unit42.paloaltonetworks.com
learn.microsoft.com
asec.ahnlab.com
i0.wp.com
docs.google.com
twitter.com
www.facebook.com
infosec.exchange
www.linkedin.com
securityaffairs.co
www.pinterest.com
plus.google.com
www.tumblr.com
www.cssii.unifi.it

Subject Issuer	Validity	Valid
*.securityaffairs.com GTS CA 1P5	`2023-02-24` - `2023-05-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M01	`2023-02-28` - `2023-07-18`	5 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Frame ID: B7C2E6B762567CFB336B196ED6483052
Requests: 86 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20190131/zrt_lookup.html
Frame ID: 3010F6C4E82470706DE502B786EA4C2F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1681999968&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681999967485&bpp=290&bdt=152&idt=573&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2991797660499&frm=20&pv=2&ga_vid=1757305897.1681999968&ga_sid=1681999968&ga_hid=2104404116&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073765%2C44719339%2C21065724&oid=2&pvsid=2992756315626802&tmod=1919873232&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=626
Frame ID: 37AE7F25E10BE16FF419F09755A3CCB3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1681999969&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681999969255&bpp=3&bdt=1922&idt=3&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9fa29c7156f3390-224ed79ca4dd0006%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_Mb0RZwbAeIj165q87TnwAHaHFtPvQ&gpic=UID%3D00000bd85bb46af7%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_MbEZAhw2M9WHeR8kJZZ-5KwqsNyJg&prev_fmts=0x0&nras=2&correlator=2991797660499&frm=20&pv=1&ga_vid=1757305897.1681999968&ga_sid=1681999968&ga_hid=2104404116&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073765%2C44719339%2C21065724&oid=2&pvsid=2992756315626802&tmod=1919873232&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=3kRDNo0XjO&p=https%3A//securityaffairs.com&dtd=13
Frame ID: E8657792472F795586F1B8EA926CE88D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1681999969&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681999969293&bpp=1&bdt=1960&idt=1&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9fa29c7156f3390-224ed79ca4dd0006%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_Mb0RZwbAeIj165q87TnwAHaHFtPvQ&gpic=UID%3D00000bd85bb46af7%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_MbEZAhw2M9WHeR8kJZZ-5KwqsNyJg&prev_fmts=0x0%2C630x280&nras=3&correlator=2991797660499&frm=20&pv=1&ga_vid=1757305897.1681999968&ga_sid=1681999968&ga_hid=2104404116&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073765%2C44719339%2C21065724&oid=2&pvsid=2992756315626802&tmod=1919873232&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=9lGVud9eJ7&p=https%3A//securityaffairs.com&dtd=7
Frame ID: 7D8B3532005AD09AF3CA9B1243895D60
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Frame ID: 86A4126A0623BA8AFBB864CB36634BEA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Frame ID: 141B38D579BCE7617E5296BE1D7C6200
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 345BAE49B3903A5FDD973B43C75C8271
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E0333836ED9059714766F286F93F07D2
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1F18EEA0D16B6AD187C1A8546EF449F1
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CAB171C2E8CD6D000AFD7727FB320D78
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4C2C2E71FBAE1134CBC621E262101762
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: C02F49EEDF65C2314A56146E247651AA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: 41D74F1614245C3A35A9A900693A54BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 22295E53F902ED845F73EE3CABA5DD36
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 817680E69325E3A77284975A51C15385
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CDE0B10C60E8DFB222B595484EA90047
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A5211635CE6A8864D0B1F08CE5185FBC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: AB88094819A3C73E1B6244D74BAE601B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: F6DB8CB67448BE1D7112CCA01AAA370C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trigona Ransomware targets Microsoft SQL serversSecurity Affairs

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

twemoji(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

162
Requests

93 %
HTTPS

56 %
IPv6

24
Domains

35
Subdomains

25
IPs

7
Countries

2757 kB
Transfer

5580 kB
Size

25
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://unit42.paloaltonetworks.com/trigona-ransomware-update/
Title: reported

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-032
Title: vulnerability

Search URL Search Domain Scan URL

URL: https://asec.ahnlab.com/en/51343/
Title: reads the report published by AhnLab.

Search URL Search Domain Scan URL

URL: https://i0.wp.com/securityaffairs.com/wp-content/uploads/2023/04/Microsoft-SQL-servers-Trigona-ransomware.png?ssl=1

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSfaFMkrMlrLhOBsRPKdv56Y4HgC88Bcji4V7OCxCm_OmyPoLw/viewform
Title: https://docs.google.com/forms/d/e/1FAIpQLSfaFMkrMlrLhOBsRPKdv56Y4HgC88Bcji4V7OCxCm_OmyPoLw/viewform

Search URL Search Domain Scan URL

URL: https://twitter.com/securityaffairs
Title: @securityaffairs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sec.affairs
Title: Facebook

Search URL Search Domain Scan URL

URL: https://infosec.exchange/@securityaffairs
Title: Mastodon

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/pub/pierluigi-paganini/b/742/559
Title: Pierluigi Paganini

Search URL Search Domain Scan URL

URL: http://securityaffairs.co/wordpress/
Title: SecurityAffairs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&media=https%3A%2F%2Fsecurityaffairs.com%2Fwp-includes%2Fimages%2Fmedia%2Fdefault.png

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html

Search URL Search Domain Scan URL

URL: http://securityaffairs.co/wordpress/70429/deep-web/deep-web-book.html

Search URL Search Domain Scan URL

URL: https://www.cssii.unifi.it/vp-89-il-center.html

Search URL Search Domain Scan URL

URL: https://securityaffairs.co/wordpress/112244/breaking-news/security-affairs-newsletter-is-back.html

Search URL Search Domain Scan URL

URL: https://securityaffairs.co/wordpress/132506/breaking-news/securityaffairs-best-european-cybersecurity-blog-2022.html

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 139

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGXZZP5-ANvcWz7KutLbiD8&google_cver=1&google_push=Aer7DvIlwBEeH85GUG1HQMB_a9yoB1Tbn-TJ_Xyg1avb4icWFegNlCt2FHMtbd7eXISoJ2qiJBv4V6PiHPPRc-l9LxPebAvcCKCLXAc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGXZZP5-ANvcWz7KutLbiD8&google_push=Aer7DvIlwBEeH85GUG1HQMB_a9yoB1Tbn-TJ_Xyg1avb4icWFegNlCt2FHMtbd7eXISoJ2qiJBv4V6PiHPPRc-l9LxPebAvcCKCLXAc

Request Chain 140

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEENApBRTdndoQSuI4ncDJbg&google_cver=1&google_push=Aer7DvI-V1w2mSQzEBCo8lWuTPUS0yj5Y-q6WzcwveWy_IEX_ph89q6iQYUeXenm8WBziFL45QXYQmBzBN_LipaCb-_ZaEBsn1Gd0A HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEENApBRTdndoQSuI4ncDJbg&google_cver=1&google_push=Aer7DvI-V1w2mSQzEBCo8lWuTPUS0yj5Y-q6WzcwveWy_IEX_ph89q6iQYUeXenm8WBziFL45QXYQmBzBN_LipaCb-_ZaEBsn1Gd0A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvI-V1w2mSQzEBCo8lWuTPUS0yj5Y-q6WzcwveWy_IEX_ph89q6iQYUeXenm8WBziFL45QXYQmBzBN_LipaCb-_ZaEBsn1Gd0A&google_hm=2U_mFfahRyy9cuc_g34_-Q==

Request Chain 141

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO8i92-KGMMCKbGz7miqn4Q&google_cver=1&google_push=Aer7DvLWVOtJL9RsAqNqS_Srow4kuZmt31a1OdsYyrIzIXr2oZWi8mKNj_ME5y-OtYiCpbM3sZYIU4IVQl31vwkGILP81rW7Nry7jw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO8i92-KGMMCKbGz7miqn4Q&google_cver=1&google_push=Aer7DvLWVOtJL9RsAqNqS_Srow4kuZmt31a1OdsYyrIzIXr2oZWi8mKNj_ME5y-OtYiCpbM3sZYIU4IVQl31vwkGILP81rW7Nry7jw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM0ODY3MDg4Mzc3Mzk1ODMwNg&google_push=Aer7DvLWVOtJL9RsAqNqS_Srow4kuZmt31a1OdsYyrIzIXr2oZWi8mKNj_ME5y-OtYiCpbM3sZYIU4IVQl31vwkGILP81rW7Nry7jw

Request Chain 142

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE37xR8a8sjaNEOcQUiaxaU&google_cver=1&google_push=Aer7DvLzdFtzRULkjx6LWiDLSJMr2fUUjU4qxnu6QXUwFhuxFW5BIjlpmwYG7s8k25IkHnJUYesCzEBTtAbzr636AL_yPv2wtylXP98 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE37xR8a8sjaNEOcQUiaxaU&google_cver=1&google_push=Aer7DvLzdFtzRULkjx6LWiDLSJMr2fUUjU4qxnu6QXUwFhuxFW5BIjlpmwYG7s8k25IkHnJUYesCzEBTtAbzr636AL_yPv2wtylXP98&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-JKX0727QCyPlpxWsZdehg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvLzdFtzRULkjx6LWiDLSJMr2fUUjU4qxnu6QXUwFhuxFW5BIjlpmwYG7s8k25IkHnJUYesCzEBTtAbzr636AL_yPv2wtylXP98

Request Chain 143

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDQb8hB03oGlGTxoJLlo-Kw&google_cver=1&google_push=Aer7DvKxlkhSHnitxbIVCkc-3vY-f7faplREjErsa9nQCgueZToUhN8uLL2IYvF-kFLYY9k99duxjUKT5bYB58rKCAu3uLK1d_ICtCw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdQN0NSOEstUS05U0pP&google_push=Aer7DvKxlkhSHnitxbIVCkc-3vY-f7faplREjErsa9nQCgueZToUhN8uLL2IYvF-kFLYY9k99duxjUKT5bYB58rKCAu3uLK1d_ICtCw

Request Chain 145

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEOpA_xznjxlqtLrgTxVcJto&google_cver=1&google_push=Aer7DvLID65qkvZek7UV8NLNp_DuBh25hApmJct7U4X1x1Fxyh3LxO0zTx-aNU-jKsbDHfzajhC_VXH-2ubKw9OfNJyb72jyFQrYuHk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvLID65qkvZek7UV8NLNp_DuBh25hApmJct7U4X1x1Fxyh3LxO0zTx-aNU-jKsbDHfzajhC_VXH-2ubKw9OfNJyb72jyFQrYuHk&google_hm=X-ZFi80aQkmpp3sbjdB5CB8

Request Chain 147

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 152

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHkra08tdAzhudM-piByzDk&google_cver=1&google_push=Aer7DvL-E-j6cGV5ROixMiOwZgPNrNAXGklHg_xyDoLl-t1ar1atTNTxHXiT2GPIaSRTdqZ3KmgzNe91CJUiVW1LvdGFX4ycbYuPSstvyt6A7RIDo-hCH-78hGV3NaTsaXsDZ5j6ipH18QCMa-Hye0aU6dtM6c8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvL-E-j6cGV5ROixMiOwZgPNrNAXGklHg_xyDoLl-t1ar1atTNTxHXiT2GPIaSRTdqZ3KmgzNe91CJUiVW1LvdGFX4ycbYuPSstvyt6A7RIDo-hCH-78hGV3NaTsaXsDZ5j6ipH18QCMa-Hye0aU6dtM6c8

Request Chain 153

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELtukEhbFnZbnaoct2SoVrI&google_cver=1&google_push=Aer7DvI8RUuxX7nJbkIhv9FxfS7uPXcyQYmsPzxoGu7tw25glRmMRSE3eWJCNmB4v8-zRuRlwP5Dy4fsxU488X2C6AzpFrHI51jOkoczrASpYqcyhzpFGNr_9q8yRdyOqAxboF4REfUryEjsv3ZOUSxRgjRB6tg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELtukEhbFnZbnaoct2SoVrI&google_push=Aer7DvI8RUuxX7nJbkIhv9FxfS7uPXcyQYmsPzxoGu7tw25glRmMRSE3eWJCNmB4v8-zRuRlwP5Dy4fsxU488X2C6AzpFrHI51jOkoczrASpYqcyhzpFGNr_9q8yRdyOqAxboF4REfUryEjsv3ZOUSxRgjRB6tg

Request Chain 154

https://um.simpli.fi/gp_match?google_gid=CAESEIWX5jXb_dCpJLK0JSFIr6E&google_cver=1&google_push=Aer7DvIasMzZ10xELmQDSToFNdF3fosGVYJc3mEEayROp6Ta5B4KzOILsZ9PU7QSuvwkNyTIwWmDmT9W7OjyFGQZ0KtndGKL0qyxibqjUw1yLjDuXKTbgmo27a2LJJ65vaHc4D6xd2UvtMYV6QQULEWWGXCnz1k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F05DC7C155664D8F9DD6712D6B827A7F&google_push=Aer7DvIasMzZ10xELmQDSToFNdF3fosGVYJc3mEEayROp6Ta5B4KzOILsZ9PU7QSuvwkNyTIwWmDmT9W7OjyFGQZ0KtndGKL0qyxibqjUw1yLjDuXKTbgmo27a2LJJ65vaHc4D6xd2UvtMYV6QQULEWWGXCnz1k

Request Chain 155

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHHRdPJpiWrRe4rh1Tum3KQ&google_cver=1&google_push=Aer7DvJinMxDZYkEcT7K4_vfPMw3eM_TCggDb8BwVz-XKYeXytUinQD_H56MaUTkoSSl_Ys_b0h9gKRplsk8IdcT8lpI1MyklcMFwEYdMWOnByJbdmH274UEoPZqJYppcZwMbcgpvWz-7zqA4Jm_51bx84ZcwgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJinMxDZYkEcT7K4_vfPMw3eM_TCggDb8BwVz-XKYeXytUinQD_H56MaUTkoSSl_Ys_b0h9gKRplsk8IdcT8lpI1MyklcMFwEYdMWOnByJbdmH274UEoPZqJYppcZwMbcgpvWz-7zqA4Jm_51bx84ZcwgA&google_hm=2U_mFfahRyy9cuc_g34_-Q==

Request Chain 157

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIc609XIYz3OwjdZkmvYwOo&google_cver=1&google_push=Aer7DvKe2Tobs7sXV943bBHzHp0WzPZeKeZv4DjGqKltZ4R4y2f1ZzhutpmIENVZbiZY_-478-DVPw7eXsH5eFe7PTph68kCSLcJlOjoEYQWFNW3Zie0-yBFdkUDYmyuC0BtAWx8kGpRdU3moYxGsx1EB9pkzw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pDdSYLRIRwWOjDK48nykqw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKe2Tobs7sXV943bBHzHp0WzPZeKeZv4DjGqKltZ4R4y2f1ZzhutpmIENVZbiZY_-478-DVPw7eXsH5eFe7PTph68kCSLcJlOjoEYQWFNW3Zie0-yBFdkUDYmyuC0BtAWx8kGpRdU3moYxGsx1EB9pkzw

Request Chain 158

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEMssPsgB9K-HeSV8LJd29b4&google_cver=1&google_push=Aer7DvKpWxbp0GHNPznNUeBgw-LoPvpBsvS0NZsYjk5ALqz76mIS88iLiYzMp2arqTQYXIBGYfHVq7604DSe8js9nwIw-U7AJEXbuHT6mmroivFYNShm-hvq_ovkNaFjRCtwSBoOm3erDKiezhckLn2k5NDIz7mN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvKpWxbp0GHNPznNUeBgw-LoPvpBsvS0NZsYjk5ALqz76mIS88iLiYzMp2arqTQYXIBGYfHVq7604DSe8js9nwIw-U7AJEXbuHT6mmroivFYNShm-hvq_ovkNaFjRCtwSBoOm3erDKiezhckLn2k5NDIz7mN&google_hm=X-ZFi80aQkmpp3sbjdB5CB8

Request Chain 160

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

162 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request trigona-ransomware-targets-microsoft-sql-servers.html Show response
securityaffairs.com/145036/cyber-crime/ 87 KB
19 KB 102ms
65ms Document
text/html 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc579adb9c01af6778a9ca70a43887f508641d8ad065c7c0b5458d013a8283b5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 7badfbf36feb047a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 20 Apr 2023 14:12:47 GMT
link: <https://securityaffairs.com/wp-json/>; rel="https://api.w.org/" <https://securityaffairs.com/wp-json/wp/v2/posts/145036>; rel="alternate"; type="application/json" <https://securityaffairs.com/?p=145036>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1e2B121ffH%2B84ABV9dkCLm3OafVxHZAxlZ5syxIuYIc6D2%2F8qm%2B0d6M5gPPo7Dn7EBhIVDZkumlzPieOYERKBX1Q1ZQPOCfjLTS%2Fu%2BxHWkQtNTsfMlB%2BDRg%2FC3IYXQ5fs8iy0kG0PMSg56KvlccLekL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-pingback: https://securityaffairs.com/xmlrpc.php

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 122ms
54ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb2327659ed684596ff8a29c6e2c30867c4514e0b4139ad11abdb3435e386d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47837
x-xss-protection: 0
server: cafe
etag: 2436056160953599619
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 14:12:47 GMT

GET
H2 200 style.css
securityaffairs.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 54ms
42ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/css/dist/block-library/style.css?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1009b5a8852ca3fdbdacabac3778cf9dea8f91a58d36466a5fe20d0441ead1f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52288
cf-polished: origSize=104503
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-19837"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtXohd%2BgXrUBHycmzmTBuc0Q%2Bls7646Xq7s1Sd3XFuJ%2FprgjngBpxxbsCYYYE73TE7UxFHBfpCXQcFiosc9IB1YEQqGJEU3ic2y%2FH6IFRLsOocMeLYDZ16R5NWB2OyhJIgfXqBk6vrGvjbMgSJnGw%2BzS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8d6047a-FRA
expires: Wed, 26 Apr 2023 23:41:19 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
securityaffairs.com/wp-includes/js/mediaelement/ 11 KB
3 KB 44ms
32ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Dec 2020 23:31:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 267936
etag: W/"5fd15e34-2bf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puiVq39gU1GhFJsUSpkchB4FAEeDbjbFks9buJpQJ4LiQtOrngXuHPbltF2hNZaCrl0hLcKWACrPP9djkjIQHIwUnwAOCmvh4jO381QIC0ZHgfiXZu1YG2H1yiqDYGeCk78gmQdTLxjz40s9d%2FtA7%2F2o"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8d2047a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 24 Apr 2023 11:47:11 GMT

GET
H2 200 wp-mediaelement.css
securityaffairs.com/wp-includes/js/mediaelement/ 4 KB
1 KB 43ms
32ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/mediaelement/wp-mediaelement.css?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52288
cf-polished: origSize=4960
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 13 Nov 2019 23:52:08 GMT
server: cloudflare
etag: W/"5dcc9728-1360"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAnNRX89CURm3mdxm%2FfXU4K9SKob0URSuJC%2B4tdP%2FEgnIcwl9cupcNuJN58zZ7qQfcEf%2F7aI6Zl5NVcK3K79uJ36ijXqKuIm1BNQ%2FPmbjMAZPX3YnaSENWjQmGQDGvN4TsIZ4va2hqrtfl1UIZmjvlP2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8d4047a-FRA
expires: Wed, 26 Apr 2023 23:41:19 GMT

GET
H2 200 classic-themes.css
securityaffairs.com/wp-includes/css/ 257 B
576 B 26ms
15ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/css/classic-themes.css?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5ea1f3c6951b71eb83050cd630f9c7c1c736b5b277d38a0e4465d80a5e53d4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52288
cf-polished: origSize=729
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-2d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmZk3jOrJx0V4L3r%2F6MRWdbetUDKJtIvG6te2yCTww3K6zHIRJ97FtzTyBcCLAd%2FecpriyIwh7576Mj%2Fmh%2FF2BfYP5ffNwn2oMRc5IXtsnISomXfUUNU5WSttPCbMhWGmizX0ON1oJ0bVdI7GzZkUYRd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7badfbf3e8bb047a-FRA
expires: Wed, 26 Apr 2023 23:41:19 GMT

GET
H2 200 cookie-law-info-public.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 3 KB
1 KB 34ms
24ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.8
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 110903
cf-polished: origSize=3106
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 04 Jan 2023 00:35:43 GMT
server: cloudflare
etag: W/"63b4c9df-c22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWp%2FE9eaDlv%2B71sITPmhVsPPXXm85lzqwVvaQy3YFR8AUGoCUDv9LsQAzaHpxEMNQpPHCLkCLeA6dHOS%2BiCY5RC9rSBMSQXZYSHUuZoaf4brKccT1g8iHcwGhkbEqdf%2B48goA4kRzHtV%2FDx5h0KoepJ8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7badfbf3e8bc047a-FRA
expires: Wed, 26 Apr 2023 07:24:24 GMT

GET
H2 200 cookie-law-info-gdpr.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 22 KB
4 KB 37ms
27ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.8
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 271928
cf-polished: origSize=27249
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 04 Jan 2023 00:35:43 GMT
server: cloudflare
etag: W/"63b4c9df-6a71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ri%2Bky%2Fpfznv%2BfQRH0lm4XG0dZWEyKm%2F3CMlEcIQVU79mjjUf2uHGBTtflg8cQWeu7uPSmPiv4RxYKwSua3%2Buh%2FEyVLwhuyJGZ4Nvm5mhxHHmc%2BBL%2Bd2kAyjd%2B90L1HflglTg%2BbTVmDkET%2B%2B9TXe%2FYmhl"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8be047a-FRA
expires: Mon, 24 Apr 2023 10:40:39 GMT

GET
H2 200 custom.css
securityaffairs.com/wp-content/themes/rigel_old/css/jqueryui/ 15 KB
3 KB 33ms
22ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b33e3ff7c01e9eb947faf1bd0dd31d3d210ff9fdf809f2db3938b5b865b9cc31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196123
cf-polished: origSize=19858
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 13:54:59 GMT
server: cloudflare
etag: W/"56716d33-4d92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUhoH1ZCI5E4MgkdKlXSmMIDeH4ALb1HyDzH%2BhZM7f32bFgHPsiQVdvKAhEbF9kVc28orAhW0PWYGQRlllpdKcowQTH%2BqOwXOthdqMy6cjsnydxqbJhX2Yu7yywf5%2FK7vx72ml8Nu1zZxTGRMrSogrmt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8c1047a-FRA
expires: Tue, 25 Apr 2023 07:44:04 GMT

GET
H2 200 tipsy.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 461 B
572 B 31ms
21ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0255909b7cb5511843e8e9d6414f99d023237cdb954705d68c4ff0d3cd752d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 197812
cf-polished: origSize=539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:04 GMT
server: cloudflare
etag: W/"56710b7c-21b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcnK06z7bNbdMnvdecNncnla6Hp43GHS1j181o%2BYjPCdQO%2B%2BW0UjIujC5mLP9RR0D97yK6MoRLS02aAl%2BPoJeuxSP0sL4AzXPqUK%2BQ0YgGlHbu7b39iihJE2BzEX35rGs3GhRbGjtdGxq%2BhSweBdd2C6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8c2047a-FRA
expires: Tue, 25 Apr 2023 07:15:55 GMT

GET
H2 200 flexslider.css
securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/ 5 KB
2 KB 41ms
31ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 751ae0b0e7b20fc45203c90e0c3391e1aa983f57327fb31d96dda46f7232ad45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 197812
cf-polished: origSize=6225
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 13:55:09 GMT
server: cloudflare
etag: W/"56716d3d-1851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THSgYHKPOl7CleA4yJ%2BrdWRd1fk7iWdetZrdRhVAf1cWH6rxvh%2BoJi%2BYDI3cgnnyafqe%2B37xiOkzoSrwNLWuGx6dY0%2FOl%2FVQeyJctRVkESS8NegaqkiYBWPbOAEl9ET%2FIcILboe4msZcklNdEtZbfReF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8c3047a-FRA
expires: Tue, 25 Apr 2023 07:15:55 GMT

GET
H2 200 animation.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 1 KB
796 B 38ms
28ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5643c5e548ec3aab5786c3845bce65a8ab30d48b62ba2586373ff84589ea13d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 197850
cf-polished: origSize=1716
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
server: cloudflare
etag: W/"56710b7a-6b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1DdxYk9puSzAzxuDlBFKQ8hUJw%2FeTZU0pcqOHJgnbSwLHYzQadN7rSGZD6D7g4SoUkS3VZ7IdBRTCF9dbuOWT6J7PdT%2F5%2FT0P4nJFjf2l6svPaeDp814d18SWuFszCVRO7auxCfYvqcxgTWoT%2FDcjXU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8c4047a-FRA
expires: Tue, 25 Apr 2023 07:15:17 GMT

GET
H2 200 font-awesome.min.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 17 KB
4 KB 40ms
30ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 271928
etag: W/"56710b7a-4574"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3l%2FxNSPPuQcow1qWftPb%2B5NMn46Yiw8nc9praYQme9MnVPGe9x%2BemU4oEHAlqK1gqLVv1Z9xUs%2BWRiuRZug6%2F8pPdy4yaeYf28x7VV0iYkclLIst8X4Ij%2BjVN5LKfhJAe9%2B101qXsqN6TbzzeMAnbbMO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8c5047a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 24 Apr 2023 10:40:39 GMT

GET
H2 200 swipebox.css
securityaffairs.com/wp-content/themes/rigel_old/js/ 3 KB
1 KB 39ms
29ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9b6164ccc60fa98562a1d315d63a961a7ffa16183117a6a5f6d5bf3893283c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34014
cf-polished: origSize=4493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:18 GMT
server: cloudflare
etag: W/"56710b8a-118d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nt79LRrpJZ%2FryHEvwX2HNiGo9wF7l7wF3ipYmWp2o9y7rQL4Xq%2BSGK%2BpdZ3%2FJWirSsNPRbPEo2OEQQnDQjX7N2kYtQb%2Fu44y8r6YDnUjFkmT4rDKiJXJwm9yaQVBgUzApfWD989Nk3jwNJRUQZ83U7XH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8c6047a-FRA
expires: Thu, 27 Apr 2023 04:45:53 GMT

GET
H2 200 jquery.circliful.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 264 B
480 B 40ms
30ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28275dbcd3747f460a53102bb9dad566db20349335371cef756c72f4ab155431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196123
cf-polished: origSize=334
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
server: cloudflare
etag: W/"56710b7a-14e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2F6iF5m6jOuNf3ZV%2BDozARWieLlzx1fq2ErEjUv6kUP45mMY8XXWixScMTkBUJuNy7irzujt1djyzlp%2Faqd4vOzZhkZcSXHjTZVUM0VO%2FbvprH1HEtky9oAqG9yMEUySnx%2FTMCJpLDmsf%2BoxohMc4vse"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8c7047a-FRA
expires: Tue, 25 Apr 2023 07:44:04 GMT

GET
H2 200 screen.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 95 KB
18 KB 58ms
48ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a04aa9666a49a1c434d7e44268f399e0c1dc1b306a2cc6f3414551364c217b4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 197812
cf-polished: origSize=112708
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:04 GMT
server: cloudflare
etag: W/"56710b7c-1b844"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUIMBzYFwwFtctHbhv4dAvpkiE%2BLFTPouyjOU%2B2JmyZ8yyRSo5zQgtx8KSwrhzDzG7wJu1LNPYMgugIrEeuHmRG6LxXgasmQNwq1FuKmN24GqLMh%2BqxxEoZ%2FjHd5LmYyGWdQipKU1vdW8AYd58ctWvKr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8c9047a-FRA
expires: Tue, 25 Apr 2023 07:15:55 GMT

GET
H2 200 custom-css.php
securityaffairs.com/wp-content/themes/rigel_old/templates/ 12 KB
2 KB 398ms
388ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yndki5vNluIB6MCFkRk3cCe%2FvvACopEbos9NaD5MN5L4%2ByAJNtpIgTDCril6YIkJ7lObhpvR96Eh%2BD0F2bQ5ooyi2V08fTl7klTOvkV6DEgtPzwQl%2BaWc%2BQj3IugkeH5t8kdaiTkpcp3sGKdMbpz4oEc"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset: UTF-8;charset=UTF-8
cf-ray: 7badfbf3f8cc047a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 9 KB
871 B 83ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=540fd913fdda078d6087769568ea9bcb

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

696ba92e789802d7f0f9be9df74e4e93fca67e1770aba35d0eb58d2455a9809a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 14:12:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 14:12:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
864 B 81ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=540fd913fdda078d6087769568ea9bcb

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f594c614f282b4aa13357496d01e5ad7bf60b270e0786cae089bbbfb4b97f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 13:39:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 14:12:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
625 B 84ms
17ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=540fd913fdda078d6087769568ea9bcb

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2f9e27942c2f7c73121bf086987c33c91fd076f08ecbd549c2c02646e8324fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 14:12:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 14:12:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
647 B 82ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=540fd913fdda078d6087769568ea9bcb

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd35363d56e4fc8e946c08ab06bc2ef1345c022893649ea5c086b9b275504b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 14:03:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 14:12:47 GMT

GET
H2 200 grid.css
securityaffairs.com/wp-content/themes/rigel_old/css/ 43 KB
7 KB 50ms
41ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/grid.css?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5133a1035cbf203be573cc6e15a2d4f8477b62568bea772b2192dc68c4980e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52288
cf-polished: origSize=50674
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:03 GMT
server: cloudflare
etag: W/"56710b7b-c5f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BhN01qcJeIf69BzVvzp5LJkRaQgQ4tsVmhz%2F%2BeplFuoAomkgjGBl2a7pv8C%2Fdr37SG%2B3EL%2BRp9ZDIHjjdVOx6PpwQlSZrKVbV0vH%2BWzcAVnqRUZBqu3Uk1Pkrt%2BZ1gY51ynu69QltoeCKXxKlnhNvkC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8cd047a-FRA
expires: Wed, 26 Apr 2023 23:41:19 GMT

GET
H2 200 sharing.css
securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/ 16 KB
3 KB 48ms
40ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/sharing.css?ver=12.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a93c1ac24fad6ffb0de84e1f56b111e8b177d68a2948ffe1c87d9c02bb68b2d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34014
cf-polished: origSize=19408
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 09 Apr 2023 18:46:58 GMT
server: cloudflare
etag: W/"64330822-4bd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joSAct1rdHUBnhPbnxtzVzJCXm%2B00FGo2%2BOvRb1r3PdiV7GzB2SZpH0b2R88xQbNZJthjefa0ONAmzDStuV0xsugNiU1%2BAReMTo9T%2B9Xn3IwkUtPhO92TB3LOq1qr882BK4tmDNW0Pcf2bkxm18p8Oz8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8ce047a-FRA
expires: Thu, 27 Apr 2023 04:45:53 GMT

GET
H2 200 social-logos.css
securityaffairs.com/wp-content/plugins/jetpack/_inc/social-logos/ 11 KB
8 KB 45ms
36ms Stylesheet
text/css 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.css?ver=12.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee86b02e97bfb8f83af87a4f7991c713e1e90dce091524c0c675b393091b6ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 323019
cf-polished: origSize=12101
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 09 Apr 2023 18:46:57 GMT
server: cloudflare
etag: W/"64330821-2f45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLzCzvBSrpGwkkjiwg42bNoX8y792T%2BdOmcH7ph5mbjy9FefWEzpxykeK93QYQeL0wxkBtUEnX2KTUEmNixaw0m1%2FTatJoXRSz5e16vu57QoN%2B4LT%2B1EuqwxY8RQgrZ5PAVAkI%2BMIamCnIWX%2BtnN3hg7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8cf047a-FRA
expires: Sun, 23 Apr 2023 20:29:08 GMT

GET
H2 200 jquery.js Show response
securityaffairs.com/wp-includes/js/jquery/ 142 KB
42 KB 57ms
48ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/jquery/jquery.js?ver=3.6.3
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73e52be898a7afbbfa119fdb5a95ca82c2b914da8d756404f7e5c7e0b6ff1928

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52288
cf-polished: origSize=292478
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-4767e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWZ9XzpvwQFNAeLrM1HcsaciNQbpLcCUcI7TUj1ZMMM4bqZ4Vprk6P4BqTeeekPRjVjWm5tp0tpeBhpCM3Gp8Bo5CJcfwSGkNPtSbm6qhPF1k0%2Bit%2FP2%2F%2BjmW6IyxeqEtNXS%2FYyqqTo%2FOYF50QxwHrz9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8d7047a-FRA
expires: Wed, 26 Apr 2023 23:41:19 GMT

GET
H2 200 jquery-migrate.js Show response
securityaffairs.com/wp-includes/js/jquery/ 18 KB
6 KB 50ms
42ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c4baf058901663c6879894c0067cf923fa200cb95a0a4c25b1471a62c2a63c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52288
cf-polished: origSize=30789
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-7845"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPS7z%2Fj9KYwQWTwX4aPgRhNJrJiWlSugY9EVUSf0RQW2%2B3CKmrMId%2BeU6bSuleJLYiO9gYY3VLL2BOLwFwmcCP8cAaXLc5gptnPvp35diypnVgLjv7kAtQ3l2BCk%2B9N1n%2BAeUtTQV0nTBR4WNzTRDFx4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8d8047a-FRA
expires: Wed, 26 Apr 2023 23:41:19 GMT

GET
H2 200 cookie-law-info-public.js Show response
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/ 27 KB
7 KB 52ms
43ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.8
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 110221
cf-polished: origSize=34179
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 04 Jan 2023 00:35:43 GMT
server: cloudflare
etag: W/"63b4c9df-8583"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=at55vmVZSAjyUmQcTEEg86kHUqsEhM42pGqHcUL2qSTEFqWp1RXZQsbPbT14OHr93yzGzhrkTSlE22QMvGJbtNd%2BD3Oid5I4jI5EdL6wePtFpGVKAsjynt%2FZeZf%2FV%2FETmcGyrh21a9KXNvjrwv7Ksdzt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf3f8d9047a-FRA
expires: Wed, 26 Apr 2023 07:35:46 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 198 KB
45 KB 73ms
7ms Script
text/javascript 13.32.99.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.34 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-34.fra60.r.cloudfront.net

Software

Resource Hash

d7a1bdec6b5209de5be156a573409f2f9e30488cca22fb380d2234057c7973f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:11:50 GMT
content-encoding: gzip
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 59
etag: W/"3184b-xStZrNgO3eG9+q9l3cRkzPWrPx0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: ommhZQAtEGtNocSqJqBG9ubynrJWL7mUAowmKm_8v_X7pgLUI6cseQ==

GET
H2 200 Microsoft-SQL-servers-Trigona-ransomware.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2023/04/ 232 KB
232 KB 79ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2023/04/Microsoft-SQL-servers-Trigona-ransomware.png?resize=1024%2C302&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

b947350166d7e9dba1b9b802da7893cb1894e8d8f7d93513d7034c640742a4f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Thu, 20 Apr 2023 14:12:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Apr 2023 07:22:19 GMT
server: nginx
etag: "843f503300348229"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2023/04/Microsoft-SQL-servers-Trigona-ransomware.png>; rel="canonical"
content-length: 237460
expires: Sat, 19 Apr 2025 19:22:19 GMT

GET
H3 200 Ryuk-ransomware.png
securityaffairs.com/wp-content/uploads/2018/08/ 635 KB
636 KB 51ms
39ms Image
image/png 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/uploads/2018/08/Ryuk-ransomware.png
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dddb102ffcaede7d2b9f77dd316851396459d8af674fb871fe02eb57bad5d160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61715
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 650147
last-modified: Thu, 23 Aug 2018 13:52:53 GMT
server: cloudflare
etag: "5b7ebc35-9eba3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ov7Uel78s%2B47Pa8xEnVQUpyIHfiQUpuH3QVPzROwanGRimOOfPT0NBbxaX964m45l0KkzQAPXHiDtR6UjNhICSVWS33AQRWP8lBY6e40h15jjI%2FuMS50d%2B7Zoj7n5%2B0HFzeW8%2F08YYUMbkTuBnkSInsY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7badfbf6bac33a6c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 google-chrome-bounty-program.jpg
securityaffairs.com/wp-content/uploads/2016/03/ 45 KB
45 KB 37ms
25ms Image
image/jpeg 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.com/wp-content/uploads/2016/03/google-chrome-bounty-program.jpg
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0047733bc76e5bd8c521cf094dd73b5d482e7d062bbf513f801abccf81d47696

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73615
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45934
last-modified: Fri, 25 Mar 2016 15:03:02 GMT
server: cloudflare
etag: "56f55326-b36e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BFacEe0JGHeTvjvx%2F5ZrZXEwtRVrRE01y9eCrE4AdG9rb%2B5pGEjzaKQuFkpSgwCib5idF2c%2Fd8OtOp%2FLpeRy1RMG5VGUrfu1UmBOxZMUjYOlBe0OHYRPkxBrSzDqdvujCRL0krmSoRfeM5e7kWGl%2Bgk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7badfbf6bac43a6c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Ryuk-ransomware.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2018/08/ 54 KB
54 KB 79ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2018/08/Ryuk-ransomware.png?resize=300%2C300&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

5defe7611a897f73d449f21189ca5e35529d3d2afefdb4ba17006d6d8f70470c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc: HIT ams 7
date: Thu, 20 Apr 2023 14:12:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Apr 2023 08:31:02 GMT
server: nginx
etag: "36d432d31a75b34f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2018/08/Ryuk-ransomware.png>; rel="canonical"
content-length: 55120
expires: Sat, 19 Apr 2025 20:31:02 GMT

GET
H3 200 email-decode.min.js Show response
securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 12ms
11ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Apr 2023 19:06:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6439a44a-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKjMM2vH4cFzsa3eX9Z6v%2F4mZrDStoV%2Fu3oFzGQDvaxvUi%2BS1tPICOSu3WR68eKeHuxVE7IwnPTgr8oM4B0A8nurcvFkd8tVvvcSizRtHH%2BmQnFZjqcdUBesSxYowtjx74KZnnwv1kQwLXX04YG6n7rM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7badfbf4bf9d3a6c-FRA
expires: Sat, 22 Apr 2023 14:12:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
82 KB 92ms
31ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a8e0c2a382af28fc09bc75e63405138ed88021ff253131b530267052c0599deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83930
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Apr 2023 14:12:47 GMT

GET
H3 200 photon.js Show response
securityaffairs.com/wp-content/plugins/jetpack/modules/photon/ 927 B
955 B 16ms
15ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/modules/photon/photon.js?ver=20191001
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a37deb9dd04cdebb5a80730395780332c03ec667693b3ddb06d8983157679d64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 109060
cf-polished: origSize=1760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 09 Apr 2023 18:46:58 GMT
server: cloudflare
etag: W/"64330822-6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Rzd3MwbMtYc%2FABDBAcB93Mo68FLx4GT7tMKA2rpXAbyhmtXFnUjefTT0TZkt7Taffc7QN6Kr4eAwQZvjoHAyGU0zuXB7VSOZLpmDsS9XkayPXYAjcTd4cwpQKCou53Mg5B3EWSsUYI%2B6iPdbAQHhiaq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf4efe33a6c-FRA
expires: Wed, 26 Apr 2023 07:55:07 GMT

GET
H3 200 ssba.js Show response
securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ 2 KB
1 KB 16ms
16ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1678144527
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 222095
cf-polished: origSize=3110
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 06 Mar 2023 23:15:27 GMT
server: cloudflare
etag: W/"6406740f-c26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJfqogrschL22NXLVPIfX1ZZM9EHS38YJJyPIyk%2B1%2FouPpc9VWqNcDuiyuAT1YkTBXf4oieAAuSYUSzh9SMdeFs%2FyQPeALIHmKimf8dCHRQ9XUoR2tfybBoR45w%2Bo%2FWrO6Wo4AkIazIEDM9aQ2FR3lMl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf5080c3a6c-FRA
expires: Tue, 25 Apr 2023 00:31:12 GMT

GET
H3 200 hint.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 467 B
787 B 18ms
15ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914c2c38bcf8be8ae0bb37e800573341c8134e54b5ced5303c1d3f172d7e6c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 557709
cf-polished: origSize=987
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: cloudflare
etag: W/"56710b89-3db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqrlUofU%2Bd6U5bmuGeoct%2FVrMFCB%2FeqLq87hYsjSNiRoeJfph1g78Z37gOyYnD8GPj1hCwM3w4U3lYpcN7jBbctEEqkXvoa53eVix1ltK2DfQZc4k9xHIRn345r05CSZnagU4%2Fk%2Bp%2BF72EI9PKk8cIe%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf548753a6c-FRA
expires: Fri, 21 Apr 2023 03:17:38 GMT

GET
H3 200 jquery.tipsy.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 2 KB
1 KB 16ms
15ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3570b0809823e912b040bb8d99048d5e85ceabf830ef064e306c0a1901a08e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 110895
cf-polished: origSize=4371
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: cloudflare
etag: W/"56710b89-1113"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5U096j1ghh%2Bi2w9tk8uvIXARNJ6q0m7PKN2SMs7QPLPiqLELzlh0XTHIfXM4BmWv2ETXGzkUjfwznjFuJllopEFGiMNIkcWQckH4lBwD0pvrlM8okSERW07giEIglXe6sd0nqzGqOoyQz%2Bbi8cD8dlJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf568ab3a6c-FRA
expires: Wed, 26 Apr 2023 07:24:32 GMT

GET
H3 200 jquery.easing.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 4 KB
1 KB 14ms
14ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 110895
cf-polished: origSize=8097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: cloudflare
etag: W/"56710b89-1fa1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MI%2BBiLRcIos1cx2WwFqeiJCSLsv3RArfnjiCIUhFSCgKJgkS7nJ1lVSmKMlK6TmIxofVvl%2FAlNz5byecTOyT0oN%2BYdjS%2B0Ky6o0iUFn89zdYMaqd1%2FYVW%2BKEXY3LSg1BkYGR84j90USHrGZrxwJdsgy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf588ca3a6c-FRA
expires: Wed, 26 Apr 2023 07:24:32 GMT

GET
H3 200 browser.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 2 KB
1 KB 18ms
17ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea141b0e1c016faface442cf56dae318f97789bea95d633da28014d5233a934

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 110895
cf-polished: origSize=2614
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:16 GMT
server: cloudflare
etag: W/"56710b88-a36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ja10YmDOb454E4MRagf9UEOvd35bt4xqpa1%2FLzUVD%2B19a2MgVjDnhI3JBU%2BEu46C0fIrjcnRL3l91DWmb7R8%2FwM0gvi3%2F3sxOdoXMa5myVwiVwewxMQYqdaCdw6vZsDPsHvplradf6ehUE54ADBylvKG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf598fa3a6c-FRA
expires: Wed, 26 Apr 2023 07:24:32 GMT

GET
H3 200 jquery.flexslider-min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/ 21 KB
7 KB 20ms
20ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 13:55:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 110895
etag: W/"56716d3e-53ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lw78s5qKMiLeVkbl2Dztq%2FcOd3Jcy71ApC71NDuyutyCBoK5srGFLnoAg1vMHTum5B%2F0OHvjyfqrLGpekCWW4E%2B1RKRC%2FkAAVeHw98ehxkCYzpvOFFBzPKxD9WIyP0Q7xADAx6wGq%2BstPeew9hb0Vp2H"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf5b93d3a6c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 26 Apr 2023 07:24:32 GMT

GET
H3 200 waypoints.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 8 KB
3 KB 15ms
14ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 110895
etag: W/"56710b8a-1f6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBTo%2FwRFGNLggz9oVY1JqeHzIjE15eK4gPINJ9EXtlQY7m2UE3ev1zwSrfetfwGv2VUA5hShWGd0%2FuDBsfxT8MtCGg%2BB4O74vV5kKyispEg6fjr7lNNFoD9Y9X3wDAEL1tdCcfFWIDCqQZuHKbjgYkZ8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf5d9703a6c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 26 Apr 2023 07:24:32 GMT

GET
H3 200 mediaelement-and-player.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/mediaelement/ 69 KB
20 KB 17ms
17ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 13:55:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 558347
etag: W/"56716d42-11571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDzVIXsf3aWYRRTi8KuzKt%2B6GxFdUeKEVinrCKmymDG47UJl0tu1WZiqtTsR9S0b904uamo0FIBut2CL%2FldzNeCODhaz6uZErBotzZupQimyDGmVD73x4ndIrCoQzo%2F%2BZc921DaK7lTd2yEUIoxNsn9q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf5f9a13a6c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Apr 2023 03:07:00 GMT

GET
H3 200 jquery.swipebox.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 11 KB
4 KB 20ms
20ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 115900
etag: W/"56710b89-2a67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nslbbny7NvM1YClVIRdfz9ROrZbxMbr%2FrQFskIQcgaeTP9gasIr0uOnCRTSDieWZEe2dVT%2Fx0DmUQI2VLkqAtfsN%2BkQJAls9ICr%2FEmAXtbOMIrlyuEFESYICLhpeOWl0TQJgwUY%2FClM5huFsnkdG1hm%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf629e63a6c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 26 Apr 2023 06:01:07 GMT

GET
H3 200 jquery.circliful.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 3 KB
1 KB 21ms
19ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 110895
etag: W/"56710b89-c18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkgJTvDDRef0tCS7SYtmy2t2T5gR35wudLDExiGDTBjQZLBwGKeMwPvGGz5Qux5W%2F6CdsqeHQ%2FViY26zKZvWjzrQhRlY5wkqKh%2FMBGsulPEtJnUy2oC%2BIeN%2BdGn7kJyDFEiNNOalPFkzQYduQPKmi6Aw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf64a1d3a6c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 26 Apr 2023 07:24:32 GMT

GET
H3 200 jquery.smarticker.min.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 13 KB
4 KB 20ms
18ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 62063
etag: W/"56710b89-3225"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUgt99i1%2FSfPYKRzNoIjlmPjJJ4%2BmhZTuXzVkWtpsVtsbmP7N9k57e6RQRIyWHs2XjCKuQG%2BNGyrn7eB4DBVuGRewKUv4PjKLs%2BdjtCrfR5edTldMNIFliAHEbIYewBgsyn0M8T4zP7LIXLj8MHmaeFT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf66a403a6c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 26 Apr 2023 20:58:24 GMT

GET
H3 200 custom.js Show response
securityaffairs.com/wp-content/themes/rigel_old/js/ 10 KB
3 KB 57ms
45ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6f712bb063293806236d362715f5f3f134ddeb3da95e66f7f7d5f1311975296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112824
cf-polished: origSize=12756
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 06:58:16 GMT
server: cloudflare
etag: W/"56710b88-31d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8fP4ym%2FHKmYFgK5%2FhPlNcvnE8WExOdUIGlVQsJI7aBWQMibLPmXenQDqCsdE3xbbTUnDqScuBDTCeqXgk7fQsxXuTCKkcoykBelicZzNBF%2Be6e%2BeZWRyX8rSckc3xfxHULnT4zrkkF1JxMJFwlJY4VE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf6bac03a6c-FRA
expires: Wed, 26 Apr 2023 06:52:23 GMT

GET
H3 200 sharing.js Show response
securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/ 12 KB
4 KB 58ms
46ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=12.0
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c11433c4dc7cf18972c22ca0f2cf78493b92aaf89bab4dab47c6c9b6c551d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 317946
cf-polished: origSize=18206
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 09 Apr 2023 18:46:58 GMT
server: cloudflare
etag: W/"64330822-471e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFiPEw42ESZhVWm6shV2oCK0VeZMmvT4wJ64gXysHxUDeZPzA9qId%2BUJY5Y0LPuBOCJL0SnhmfqQKj7jPRKBdoTcRsdJeEDeUstn2RSfGSMdwAei98LtLuebCV04JRMsnmPidAb%2FRSVkWpSHayI3gM89"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf6bac23a6c-FRA
expires: Sun, 23 Apr 2023 21:53:41 GMT

GET
H2 200 e-202316.js Show response
stats.wp.com/ 9 KB
3 KB 338ms
12ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202316.js
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc: HIT ams
date: Thu, 20 Apr 2023 14:12:48 GMT
content-encoding: br
server: nginx
etag: W/"62f6b688-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 14 Apr 2024 22:38:22 GMT

GET
H3 200 twemoji.js Show response
securityaffairs.com/wp-includes/js/ 17 KB
5 KB 69ms
58ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/twemoji.js?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51393
cf-polished: origSize=33089
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-8141"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4S%2FCaWnqK6TASgx5D6htWFRpYRu8zmxmLUHN8QvBRPHE6UCvrYILr699DGNZmLFYY4qPIbTrQbcNGRxmJnYhR1yK1xd%2BM0Djid9MF7Dpk%2F9Ljd%2Bn%2FqjUFwel6bz6x6NZyw6KK%2BSF%2FKYBaX0gkl%2FLttT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf6bac63a6c-FRA
expires: Wed, 26 Apr 2023 23:56:14 GMT

GET
H3 200 wp-emoji.js Show response
securityaffairs.com/wp-includes/js/ 4 KB
2 KB 71ms
59ms Script
application/javascript 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-includes/js/wp-emoji.js?ver=540fd913fdda078d6087769568ea9bcb
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51393
cf-polished: origSize=8969
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 29 Mar 2023 22:54:43 GMT
server: cloudflare
etag: W/"6424c1b3-2309"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUFfw6tSQwIbO5d2%2FoAIfYH2hNKEkveJX9l0mD7A6JM5u%2FugThuegtk%2FMYDLnS3SQ%2FYDdrIHQf%2FYUXaOADaS9c18tIQuYMlTM5s9oZz6E7MdjX4Zu%2BGdiVPBtNZSfqYDCkO03kvOSMm3Xilcufj27dGp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7badfbf6bac83a6c-FRA
expires: Wed, 26 Apr 2023 23:56:14 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 347 KB
116 KB 123ms
73ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff09b87717849a3e1e73c285ca180af2d1e9b5a78edac97e6c24a1cbe52d6a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118931
x-xss-protection: 0
server: cafe
etag: 12040219254865849436
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 14:12:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230417/r20190131/ Frame 3010 10 KB
5 KB 29ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230417/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22229
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 08:02:18 GMT
etag: 2378337311435320485
expires: Thu, 04 May 2023 08:02:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 63aa5463b92caa0012f81022.js Show response
buttons-config.sharethis.com/js/ 438 B
884 B 104ms
24ms Script
text/javascript 2600:9000:2451:1600:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/63aa5463b92caa0012f81022.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2451:1600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

db4312bece8d50799c3e99a316a58218a527df0f25b93c3e075e04712e20cacf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
via: 1.1 fd6adecd7f5b53e89c348be67ee6afb8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: HAM50-P2
age: 4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 438
last-modified: Wed, 28 Dec 2022 04:37:49 GMT
server: AmazonS3
etag: "d0446970cab2a3b08a2f4f8bdf2fbef7"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
x-amz-cf-id: BexD7QqR8ZKDHnQ1IzuSx1tDQ_gagy3AcGApL5eQ-uofWhkgX7Srog==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
40 KB 90ms
31ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76666e1893a682c94cbf578809f3e9e2f89484776ad8121e2e5fb1c0e454548a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40824
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Apr 2023 14:12:47 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
406 B 289ms
11ms XHR
text/plain 3.121.88.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=securityaffairs.com&location=%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&product=gdpr-compliance-tool-v2&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&source=simple-share-buttons-adder-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Trigona%20Ransomware%20targets%20Microsoft%20SQL%20serversSecurity%20Affairs&cms=unknown&publisher=63aa5463b92caa0012f81022&sop=true&version=st_sop.js&lang=en&description=Threat%20actors%20are%20hacking%20poorly%20secured%20and%20Interned-exposed%20Microsoft%20SQL%20servers%20to%20deploy%20the%20Trigona%20ransomware.%20Threat%20actors%20are%20hacking%20into%20poorly%20secured%20and%20public-facing%20Microsoft%20SQL%20servers%20to%20deploy%20Trigona%20ransomware.%20Trigona%20is%20a%20malware%20strain%20that%20was%20discovered%20in%20October%202022%2C%20and%20Palo%20Alto%20Unit%2042%20researchers%20reported%20similarities%20between%20Trigona%20and%20the%20%5B%E2%80%A6%5D&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.121.88.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-88-215.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 14:12:48 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://securityaffairs.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 59ms
23ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=540fd913fdda078d6087769568ea9bcb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:03:21 GMT
x-content-type-options: nosniff
age: 97766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 11:03:21 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 77ms
41ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=540fd913fdda078d6087769568ea9bcb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:32:46 GMT
x-content-type-options: nosniff
age: 186001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:32:46 GMT

GET
H3 200 fontawesome-webfont.woff
securityaffairs.com/wp-content/themes/rigel_old/fonts/ 43 KB
44 KB 35ms
32ms Font
application/font-woff 2606:4700:3031::6815:90b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.com/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Referer: https://securityaffairs.com/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Dec 2015 06:58:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6774074
etag: W/"56710b81-ad90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBaRo61u2jjSRfwVkGTqkt2DOdFQTQEgCO2KjawCgvjWQqR%2FT7sM7KELIbCRmGUhI6cm6YLYiR%2BzBopXgA9Eh%2BYXM%2FYwUQYAgu23qkA%2FyvfKBPvrl9%2FS7o8EHTpOk2mKzgSsA12l07mC%2FfFzCZPQVgSC"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=315360000
cf-ray: 7badfbf6eaf93a6c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 35 KB
35 KB 66ms
31ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=540fd913fdda078d6087769568ea9bcb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:32:38 GMT
x-content-type-options: nosniff
age: 96009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35764
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 11:32:38 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 80ms
44ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=540fd913fdda078d6087769568ea9bcb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:41:02 GMT
x-content-type-options: nosniff
age: 185505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:41:02 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 83ms
48ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=540fd913fdda078d6087769568ea9bcb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:32:51 GMT
x-content-type-options: nosniff
age: 185996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:32:51 GMT

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51df3ca60fafe5df2786ce34c4b6dff5af9bb0a061f1808783f65bb1016e016d

Request headers

Referer
Origin: https://securityaffairs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 f00db26378ef7df7c440a8ee60ead62b
secure.gravatar.com/avatar/ 1 KB
1 KB 38ms
6ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 20 Apr 2023 14:12:47 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="f00db26378ef7df7c440a8ee60ead62b.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g>; rel="canonical"
content-length: 1186
expires: Thu, 20 Apr 2023 14:17:47 GMT

GET
H2 200 Digging-The-Deep-Web.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2018/03/ 30 KB
30 KB 47ms
45ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2018/03/Digging-The-Deep-Web.png?resize=236%2C300&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

e2a3522e6e082fa56d0eb9bf893a6bddc957911a05ff9a35a1c5e6982abe583e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Thu, 20 Apr 2023 14:12:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 01:11:29 GMT
server: nginx
etag: "d7d085e9626a91ca"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2018/03/Digging-The-Deep-Web.png>; rel="canonical"
content-length: 30524
expires: Thu, 26 Dec 2024 13:11:29 GMT

GET
H2 200 logo-center-for-cybersecurity.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2020/10/ 7 KB
7 KB 48ms
45ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg?resize=290%2C300&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

12e29fa8c4f9d7702cdea6663458a4084007fe4521117610c456c54e6644e07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc: HIT ams 8
date: Thu, 20 Apr 2023 14:12:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 01:11:29 GMT
server: nginx
etag: "1b2f6a2d233ae477"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg>; rel="canonical"
content-length: 7234
expires: Thu, 26 Dec 2024 13:11:29 GMT

GET
H2 200 newsletter.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/ 19 KB
19 KB 48ms
45ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2015/03/newsletter.png?resize=300%2C207&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

167bdead3314274ec6816ae851d767dd0ca9d1f9a2858b8ed0f1820657096097

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 20 Apr 2023 14:12:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 01:11:29 GMT
server: nginx
etag: "a2818519aa04bc5c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2015/03/newsletter.png>; rel="canonical"
content-length: 18968
expires: Thu, 26 Dec 2024 13:11:29 GMT

GET
H2 200 EU-Blog-e.jpg
i0.wp.com/securityaffairs.com/wp-content/uploads/2022/06/ 13 KB
13 KB 48ms
46ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.com/wp-content/uploads/2022/06/EU-Blog-e.jpg?resize=300%2C251&ssl=1

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 20 Apr 2023 14:12:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Dec 2022 01:11:29 GMT
server: nginx
etag: "9aeac3c1faf0be1c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.com/wp-content/uploads/2022/06/EU-Blog-e.jpg>; rel="canonical"
content-length: 13098
expires: Thu, 26 Dec 2024 13:11:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
77 KB 21ms
19ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

377dfee56ff358431ffb7e4c735d4c7c8972012c810d875ed49549124e15bd83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78370
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Apr 2023 14:12:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
82 KB 46ms
44ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

502ccf0c75e3798b193e4495e5f09b093bbd2d003f2f0740ffbff90f4c10d24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83935
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Apr 2023 14:12:48 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 61ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NPN4VEKBTY&gtm=45je34c0&_p=2104404116&_gaz=1&cid=1757305897.1681999968&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681999968&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&dt=Trigona%20Ransomware%20targets%20Microsoft%20SQL%20serversSecurity%20Affairs&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 72ms
20ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NPN4VEKBTY&cid=1757305897.1681999968&gtm=45je34c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 97ms
49ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NPN4VEKBTY&cid=1757305897.1681999968&gtm=45je34c0&aip=1&z=438240543

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 405 B
608 B 59ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.com&callback=_gfp_s_&client=ca-pub-4918072057181794

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92437e3e6156ddd0cd2247abf90572b6ce73a00c1e70ec524871b9c07609562b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 60ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 63ms
18ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 37AE 276 KB
70 KB 1087ms
1081ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1681999968&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681999967485&bpp=290&bdt=152&idt=573&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2991797660499&frm=20&pv=2&ga_vid=1757305897.1681999968&ga_sid=1681999968&ga_hid=2104404116&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073765%2C44719339%2C21065724&oid=2&pvsid=2992756315626802&tmod=1919873232&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=626

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e13699de11900f37b7918877d0dfd2be031fbb8df80051d2630a53937b491b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 71123
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 14:12:49 GMT
expires: Thu, 20 Apr 2023 14:12:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 32ms
12ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=29506073&post=145036&tz=0&srv=securityaffairs.com&j=1%3A12.0&host=securityaffairs.com&ref=&fcp=704&rand=0.6739526204785995
Requested by: Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Apr 2023 14:12:48 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 32ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P62M3QN974&gtm=45je34c0&_p=2104404116&cid=1757305897.1681999968&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681999968&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&dt=Trigona%20Ransomware%20targets%20Microsoft%20SQL%20serversSecurity%20Affairs&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 58ms
57ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230417&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a21958bb9ac6e79d8284ca2ea76435fa6cb333910fc6053ac149dbe49692cf79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11283
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 150 KB
51 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b2f29c09f66c434d6fbfc5ce30995ace2023179995cafcb4f3c78fc83e2ea92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52068
x-xss-protection: 0
server: cafe
etag: 4496130138487924958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 14:12:49 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E865 80 KB
32 KB 848ms
847ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1681999969&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681999969255&bpp=3&bdt=1922&idt=3&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9fa29c7156f3390-224ed79ca4dd0006%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_Mb0RZwbAeIj165q87TnwAHaHFtPvQ&gpic=UID%3D00000bd85bb46af7%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_MbEZAhw2M9WHeR8kJZZ-5KwqsNyJg&prev_fmts=0x0&nras=2&correlator=2991797660499&frm=20&pv=1&ga_vid=1757305897.1681999968&ga_sid=1681999968&ga_hid=2104404116&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073765%2C44719339%2C21065724&oid=2&pvsid=2992756315626802&tmod=1919873232&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=3kRDNo0XjO&p=https%3A//securityaffairs.com&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de388133349b949cb9b65062b8ef27e51894b36cd610443959e3478ac25980cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 14:12:50 GMT
expires: Thu, 20 Apr 2023 14:12:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7D8B 79 KB
32 KB 789ms
789ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1681999969&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681999969293&bpp=1&bdt=1960&idt=1&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9fa29c7156f3390-224ed79ca4dd0006%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_Mb0RZwbAeIj165q87TnwAHaHFtPvQ&gpic=UID%3D00000bd85bb46af7%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_MbEZAhw2M9WHeR8kJZZ-5KwqsNyJg&prev_fmts=0x0%2C630x280&nras=3&correlator=2991797660499&frm=20&pv=1&ga_vid=1757305897.1681999968&ga_sid=1681999968&ga_hid=2104404116&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073765%2C44719339%2C21065724&oid=2&pvsid=2992756315626802&tmod=1919873232&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=9lGVud9eJ7&p=https%3A//securityaffairs.com&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a27ec1fd8ca4ecd1da47114489e56fa719143743f04e5ac24d40dd0206095c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32581
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 14:12:50 GMT
expires: Thu, 20 Apr 2023 14:12:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 66ms
42ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Apr 2023 14:12:49 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/ Frame 86A4 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 16:45:33 GMT
etag: 2378337311435320485
expires: Wed, 03 May 2023 16:45:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/ Frame 141B 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 16:45:33 GMT
etag: 2378337311435320485
expires: Wed, 03 May 2023 16:45:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 86A4 4 KB
632 B 33ms
18ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 14:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 13:27:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 14:12:49 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 86A4 205 B
519 B 47ms
9ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:37:29 GMT
x-content-type-options: nosniff
age: 52520
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 18 Apr 2024 23:37:29 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 86A4 604 B
695 B 47ms
10ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 09:22:50 GMT
x-content-type-options: nosniff
age: 17399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 19 Apr 2024 09:22:50 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/elements/html/ Frame 86A4 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 17:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8167
x-xss-protection: 0
server: cafe
etag: 3140062999518874537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 17:46:35 GMT

GET
H2 200 8e3adedd6f76ceb5825dd9d6f211c14b.js Show response
www.gstatic.com/mysidia/ Frame 141B 9 KB
4 KB 42ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8e3adedd6f76ceb5825dd9d6f211c14b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 01:41:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3832
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 01:41:17 GMT

GET
H2 200 fc29ee04269ca903abd8d1f9be592d75.js Show response
www.gstatic.com/mysidia/ Frame 141B 9 KB
4 KB 43ms
8ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fc29ee04269ca903abd8d1f9be592d75.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bc01f5dce1abbb488672d5b582b0dcca83b1fe3b059d6e291a8c4c476f7c936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:17:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4071
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jul 2023 02:17:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 141B 8 KB
893 B 26ms
19ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 14:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 13:31:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 14:12:49 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 141B 2 KB
846 B 13ms
10ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:31:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame 141B 22 KB
9 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:25:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 141B 3 KB
1 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 12:38:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 141B 20 KB
8 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:25:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 141B 159 KB
49 KB 62ms
28ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 14:12:49 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame 141B 32 KB
14 KB 42ms
10ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 03:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 03:40:25 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 345B 13 KB
5 KB 14ms
8ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 12:38:38 GMT
expires: Fri, 19 Apr 2024 12:38:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E033 783 B
1 KB 45ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

604ce4af2306a07a191261d91f8706b76669d2f864c8bb526c191ca4d31ba3cd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uz4cpR05Wq-5bYX1WvcP0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://securityaffairs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-uz4cpR05Wq-5bYX1WvcP0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 14:12:49 GMT
expires: Thu, 20 Apr 2023 14:12:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ Frame 1F18 8 KB
893 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 14:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 13:27:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 14:12:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 1F18 2 KB
765 B 13ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:31:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame 1F18 22 KB
9 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:25:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 1F18 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 12:38:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 1F18 20 KB
8 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:25:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F18 159 KB
49 KB 60ms
46ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 14:12:49 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame 1F18 32 KB
13 KB 21ms
5ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 03:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 03:40:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 141B 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAmK5YEhBZJeZDNeNqMwP2dGj8AmV6Inzb8mq9Zy4EOiqtpWLAxABILuj4JgBYJXikIKgB6AB-sfehAPIAQGoAwHIA8MEqgSgAk_QL_HVyx6QPf_mVINk3ueo0QyNWFagTNuviIYyT2lIqGqDLEGq98fO7sGSUvHiw0LCh27YsnStAIChBAWp_86PJhAXprXW6hHxe1jwY147UvKZR2_Uq_qLnMToCXuJXaTIuDhs15ENSPPbIL4lAl1r89tIhnMch5irPnL9fEKHPwGhq_oZsi_yYGWh-kU32arF51NM9XKNa3zlrd17IqKR-GX31nAZgmrf14ibkamUAvfKKhgkJcCnWhwggvsE7HZGUZlQI-UlUndx3OIkcQi1_fcMFx8iJ8Wb31H-N-FNtdUktc1isLPakqh1NtwZEKlEBrWc9iY8KE-7cK2088VGYW3lVNgCJecG2S_HcqK0y1-RUZnoFccKNR_OOCBNOsAEyqCwxIUEkgUECAQYAZIFBAgFGASgBmaAB-63oXuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDVlxLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi00OTE4MDcyMDU3MTgxNzk0GAA&sigh=rfjQ2P-OX-Y&uach_m=[UACH]&cid=CAQSGwBygQiDQRuUqXwd6jxxE4hZBBw_e_lG25YK9RgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 20 Apr 2023 14:12:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Apr 2023 14:12:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CAB1 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 684
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 14:01:25 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4C2C 143 B
166 B 19ms
14ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 684
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 14:01:25 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E033 0
0 41ms
40ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230417&jk=2992756315626802&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 345B 36 KB
14 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 00:46:03 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CAB1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

35ms
35ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 14:12:49 GMT
expires: Thu, 20 Apr 2023 14:12:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 14:12:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C02F 36 KB
14 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 00:46:03 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4C2C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
35ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 14:12:49 GMT
expires: Thu, 20 Apr 2023 14:12:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 14:12:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 41D7 36 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: securityaffairs.com
URL: https://securityaffairs.com/145036/cyber-crime/trigona-ransomware-targets-microsoft-sql-servers.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 00:46:03 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 345B 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cPHrEQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 5205773807176313193
tpc.googlesyndication.com/simgad/ Frame 7D8B 120 KB
120 KB 10ms
9ms Image
image/gif 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5205773807176313193

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1681999969&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681999969293&bpp=1&bdt=1960&idt=1&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9fa29c7156f3390-224ed79ca4dd0006%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_Mb0RZwbAeIj165q87TnwAHaHFtPvQ&gpic=UID%3D00000bd85bb46af7%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_MbEZAhw2M9WHeR8kJZZ-5KwqsNyJg&prev_fmts=0x0%2C630x280&nras=3&correlator=2991797660499&frm=20&pv=1&ga_vid=1757305897.1681999968&ga_sid=1681999968&ga_hid=2104404116&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073765%2C44719339%2C21065724&oid=2&pvsid=2992756315626802&tmod=1919873232&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=9lGVud9eJ7&p=https%3A//securityaffairs.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80fbea07cdd569d398c7e00d9139c0387ae1faa3d65af7a1940fc30621f7b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:29:15 GMT
x-content-type-options: nosniff
age: 9815
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123080
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 08:12:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Apr 2024 11:29:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame 7D8B 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:25:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 7D8B 3 KB
1 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 12:38:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 7D8B 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:25:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D8B 159 KB
49 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 14:12:50 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 7D8B 33 KB
13 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94f229715266533168e8bde4c66fc0b249d45e022cb9cc333495f4a68a702017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:34:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13518
x-xss-protection: 0
server: cafe
etag: 3101116608242260287
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 15:34:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7D8B 0
0 56ms
53ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqnDoYUhBZMOYF--4qMwPuIOTcNjJmZBwuICU9NYR4arWxqM5EAEgu6PgmAFgleKQgqAHoAGG76uVAsgBA6gDAcgDyQSqBKkCT9BX9iVES7VW1_y_C5_8jj9Wnc5vVnpAip9sWvzcHQsnDu1fLuexTvtPg82dib2EbXDpIUklX0mhWN7tL1e-lYIxBJCcfbNGVRmPn0NnAe-ojDVKN5NZwcZDot2m6GMX3NLTg1s_RB0uQ7zAvrCxAWMWx0KuzxD3l9zckdS2D2LO_5Q6ZJqFUmdCwJT3JX1Jac5WenD9c7teEVRAPyxj6wV1NoowsmqG3gXkIGAwOEBXiUqhI_du2in6HMYnLrZ9p1Biug6WRAPfHCG8nZ1Ce2Er-bYTYJ7rc6sSCPvfkzPyvPcz4R4LCXT0Fnh07xPLYem_E_w1pOQZs_BEDzdnNZ_oPptWnx9u7bZ41OR3UjSIci71EQ9anCIC_WPjHgl8tyvBfYONk827wATkp_CrqQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGA4AH4pDU6gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCD1QLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi00OTE4MDcyMDU3MTgxNzk0GAA&sigh=PqZcVjQXgZI&uach_m=[UACH]&cid=CAQSPABygQiDGFPsFbgzqWJAD5tzn1FvVfVTUxl5T9_CRp7B_DoEYSkRq5FHoUDsg-gfc93MJk_rAPi9W8GUXxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1681999969&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681999969293&bpp=1&bdt=1960&idt=1&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9fa29c7156f3390-224ed79ca4dd0006%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_Mb0RZwbAeIj165q87TnwAHaHFtPvQ&gpic=UID%3D00000bd85bb46af7%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_MbEZAhw2M9WHeR8kJZZ-5KwqsNyJg&prev_fmts=0x0%2C630x280&nras=3&correlator=2991797660499&frm=20&pv=1&ga_vid=1757305897.1681999968&ga_sid=1681999968&ga_hid=2104404116&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073765%2C44719339%2C21065724&oid=2&pvsid=2992756315626802&tmod=1919873232&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=9lGVud9eJ7&p=https%3A//securityaffairs.com&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 20 Apr 2023 14:12:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2229 143 B
166 B 9ms
9ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1681999969&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681999969293&bpp=1&bdt=1960&idt=1&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9fa29c7156f3390-224ed79ca4dd0006%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_Mb0RZwbAeIj165q87TnwAHaHFtPvQ&gpic=UID%3D00000bd85bb46af7%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_MbEZAhw2M9WHeR8kJZZ-5KwqsNyJg&prev_fmts=0x0%2C630x280&nras=3&correlator=2991797660499&frm=20&pv=1&ga_vid=1757305897.1681999968&ga_sid=1681999968&ga_hid=2104404116&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073765%2C44719339%2C21065724&oid=2&pvsid=2992756315626802&tmod=1919873232&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=9lGVud9eJ7&p=https%3A//securityaffairs.com&dtd=7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 14:01:25 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8176 1 KB
643 B 17ms
11ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 01:43:07 GMT
etag: 48472445140208031
expires: Fri, 21 Apr 2023 01:43:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 13458594673840085245
tpc.googlesyndication.com/simgad/ Frame E865 77 KB
77 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13458594673840085245?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlBLjhBGJNXX8z8HQJuC5_Hs-bQHQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1681999969&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681999969255&bpp=3&bdt=1922&idt=3&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9fa29c7156f3390-224ed79ca4dd0006%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_Mb0RZwbAeIj165q87TnwAHaHFtPvQ&gpic=UID%3D00000bd85bb46af7%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_MbEZAhw2M9WHeR8kJZZ-5KwqsNyJg&prev_fmts=0x0&nras=2&correlator=2991797660499&frm=20&pv=1&ga_vid=1757305897.1681999968&ga_sid=1681999968&ga_hid=2104404116&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073765%2C44719339%2C21065724&oid=2&pvsid=2992756315626802&tmod=1919873232&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=3kRDNo0XjO&p=https%3A//securityaffairs.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0cdcd8ec8a31ea6e81be09bbe37444f2f95baac945b3b15b9f2437a4b36db22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 05:27:27 GMT
x-content-type-options: nosniff
age: 31523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78772
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 08:12:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Apr 2024 05:27:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame E865 22 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:25:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame E865 3 KB
1 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 12:38:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame E865 20 KB
8 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:25:32 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E865 0
0 19ms
15ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7aSukM0bLZhnVcislWDajJqDEVBCGQsS0vPo19iuph2tROzpBTZC9qM80tM-5Xo43wVBhBJE4CyQB2o1uospgqNSLFA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1681999969&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681999969255&bpp=3&bdt=1922&idt=3&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9fa29c7156f3390-224ed79ca4dd0006%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_Mb0RZwbAeIj165q87TnwAHaHFtPvQ&gpic=UID%3D00000bd85bb46af7%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_MbEZAhw2M9WHeR8kJZZ-5KwqsNyJg&prev_fmts=0x0&nras=2&correlator=2991797660499&frm=20&pv=1&ga_vid=1757305897.1681999968&ga_sid=1681999968&ga_hid=2104404116&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073765%2C44719339%2C21065724&oid=2&pvsid=2992756315626802&tmod=1919873232&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=3kRDNo0XjO&p=https%3A//securityaffairs.com&dtd=13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E865 159 KB
49 KB 53ms
49ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 14:12:50 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame E865 33 KB
13 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94f229715266533168e8bde4c66fc0b249d45e022cb9cc333495f4a68a702017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:34:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13518
x-xss-protection: 0
server: cafe
etag: 3101116608242260287
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 15:34:08 GMT

GET
DATA 200
OK truncated
/ Frame 7D8B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0852e181657391d487efc460abb6b067e3f89acee6fdd252db5a83a82c25adf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E865 0
0 54ms
49ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdBTbYUhBZJGpFdGmqMwPo96XINjJmZBwqIKU9NYR4arWxqM5EAEgu6PgmAFgleKQgqAHoAGG76uVAsgBAqgDAcgDyQSqBKkCT9Crios7osTkWNA9hn4mSEbczXZGLNViaK84i05eQSrnfQwIf8Y0OIxLhOyecj8vT3JwHXe1Y9DnxL_molm5gmzm-0wAQkuaWyq182rfB6lmbBEy8VD1EkhjPH1u_lacZAMYmvOagggpiFL65eqJzH63aaEKR6dEchGcE5yVqFaMF9Qj-4FUVjy5W5avWbS5Gy-6Ice8K9JU0xA8rbTr9gJe5iL_a7EsPJWJbt3WZmjCLQ6ivCsmTt0g1IS93FU6cbwZd1DqYcvG2GIr1mP95iUpHitBJ5wOpbzAY_k4UEfqNLGn9celHMmhm0LWp-Nn3NinNqr-tO9kLBKlce58d-LtlO1WZCBUsh4YhLfv-OFNmSzz6aBv-Ypg3nZH7GUqwrrvMwWjuI15wATkp_CrqQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH4pDU6gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDHywHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi00OTE4MDcyMDU3MTgxNzk0GAA&sigh=w9LJQjV1B9k&uach_m=[UACH]&cid=CAQSPABygQiDzg5qK495S4ZF96YkZEhxXqXzUCNuGCqO7wfSRRkTDLXc7F9jjWvSnT1zqyMSLT3odpRBhoFQcxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1681999969&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681999969255&bpp=3&bdt=1922&idt=3&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9fa29c7156f3390-224ed79ca4dd0006%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_Mb0RZwbAeIj165q87TnwAHaHFtPvQ&gpic=UID%3D00000bd85bb46af7%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_MbEZAhw2M9WHeR8kJZZ-5KwqsNyJg&prev_fmts=0x0&nras=2&correlator=2991797660499&frm=20&pv=1&ga_vid=1757305897.1681999968&ga_sid=1681999968&ga_hid=2104404116&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073765%2C44719339%2C21065724&oid=2&pvsid=2992756315626802&tmod=1919873232&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=3kRDNo0XjO&p=https%3A//securityaffairs.com&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 20 Apr 2023 14:12:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8176
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGXZZP5-ANvcWz7KutLbiD8&google_push=Aer7DvIlwBEeH85GUG1HQMB_a9yoB1Tbn-TJ_Xyg1avb4icWFegNlCt2FH...

170 B
188 B

21ms
21ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGXZZP5-ANvcWz7KutLbiD8&google_push=Aer7DvIlwBEeH85GUG1HQMB_a9yoB1Tbn-TJ_Xyg1avb4icWFegNlCt2FHMtbd7eXISoJ2qiJBv4V6PiHPPRc-l9LxPebAvcCKCLXAc

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230118-FRA
pragma: no-cache
date: Thu, 20 Apr 2023 14:12:50 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1681999970.226039,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGXZZP5-ANvcWz7KutLbiD8&google_push=Aer7DvIlwBEeH85GUG1HQMB_a9yoB1Tbn-TJ_Xyg1avb4icWFegNlCt2FHMtbd7eXISoJ2qiJBv4V6PiHPPRc-l9LxPebAvcCKCLXAc
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8176
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEENApBRTdndoQSuI4ncDJbg&google_cver=1&google_push=Aer7DvI-V1w2mSQzEBCo8lWuTPUS0yj5Y-q6WzcwveWy_IEX_ph89q6iQYUeXenm8WBziFL45QXYQmBzBN_LipaCb-_Z...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEENApBRTdndoQSuI4ncDJbg&google_cver=1&google_push=Aer7DvI-V1w2mSQzEBCo8lWuTPUS0yj5Y-q6WzcwveWy_IEX_ph89q6iQYUeXenm8WBziFL45QXYQmBzBN_Lip...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvI-V1w2mSQzEBCo8lWuTPUS0yj5Y-q6WzcwveWy_IEX_ph89q6iQYUeXenm8WBziFL45QXYQmBzBN_LipaCb-_ZaEBsn1Gd0A&google_hm=2U_mFfahRyy9cuc_g34_-Q==

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvI-V1w2mSQzEBCo8lWuTPUS0yj5Y-q6WzcwveWy_IEX_ph89q6iQYUeXenm8WBziFL45QXYQmBzBN_LipaCb-_ZaEBsn1Gd0A&google_hm=2U_mFfahRyy9cuc_g34_-Q==

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvI-V1w2mSQzEBCo8lWuTPUS0yj5Y-q6WzcwveWy_IEX_ph89q6iQYUeXenm8WBziFL45QXYQmBzBN_LipaCb-_ZaEBsn1Gd0A&google_hm=2U_mFfahRyy9cuc_g34_-Q==
date: Thu, 20 Apr 2023 14:12:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8176
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO8i92-KGMMCKbGz7miqn4Q&google_cver=1&google_push=Aer7DvLWVOtJL9RsAqNqS_Srow4kuZmt31a1OdsYyrIzIXr2oZWi8mKNj_ME5y-OtYiCpbM3sZYIU4IV...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO8i92-KGMMCKbGz7miqn4Q&google_cver=1&google_push=Aer7DvLWVOtJL9RsAqNqS_Srow4kuZmt31a1OdsYyrIzIXr2oZWi8mKNj_ME5y-OtYiCpbM3sZY...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM0ODY3MDg4Mzc3Mzk1ODMwNg&google_push=Aer7DvLWVOtJL9RsAqNqS_Srow4kuZmt31a1OdsYyrIzIXr2oZWi8mKNj_ME5y-OtYiCpbM3sZYIU4...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM0ODY3MDg4Mzc3Mzk1ODMwNg&google_push=Aer7DvLWVOtJL9RsAqNqS_Srow4kuZmt31a1OdsYyrIzIXr2oZWi8mKNj_ME5y-OtYiCpbM3sZYIU4IVQl31vwkGILP81rW7Nry7jw

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM0ODY3MDg4Mzc3Mzk1ODMwNg&google_push=Aer7DvLWVOtJL9RsAqNqS_Srow4kuZmt31a1OdsYyrIzIXr2oZWi8mKNj_ME5y-OtYiCpbM3sZYIU4IVQl31vwkGILP81rW7Nry7jw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8176
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-JKX0727QCyPlpxWsZdehg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-JKX0727QCyPlpxWsZdehg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvLzdFtzRULkjx6LWiDLSJMr2fUUjU4qxnu6QXUwFhuxFW5BIjlpmwYG7s8k25IkHnJUYesCzEBTtAbzr636AL_yPv2wtylXP98

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-JKX0727QCyPlpxWsZdehg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvLzdFtzRULkjx6LWiDLSJMr2fUUjU4qxnu6QXUwFhuxFW5BIjlpmwYG7s8k25IkHnJUYesCzEBTtAbzr636AL_yPv2wtylXP98
date: Thu, 20 Apr 2023 14:12:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8176
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDQb8hB03oGlGTxoJLlo-Kw&google_cver=1&google_push=Aer7DvKxlkhSHnitxbIVCkc-3vY-f7faplREjErsa9nQCgueZToUhN8uLL2IYvF-kFLYY9k99du...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdQN0NSOEstUS05U0pP&google_push=Aer7DvKxlkhSHnitxbIVCkc-3vY-f7faplREjErsa9nQCgueZToUhN8uLL2IYvF-kFLYY9k99duxjUKT5bYB58rKCAu3uLK1d_ICtCw

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdQN0NSOEstUS05U0pP&google_push=Aer7DvKxlkhSHnitxbIVCkc-3vY-f7faplREjErsa9nQCgueZToUhN8uLL2IYvF-kFLYY9k99duxjUKT5bYB58rKCAu3uLK1d_ICtCw

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdQN0NSOEstUS05U0pP&google_push=Aer7DvKxlkhSHnitxbIVCkc-3vY-f7faplREjErsa9nQCgueZToUhN8uLL2IYvF-kFLYY9k99duxjUKT5bYB58rKCAu3uLK1d_ICtCw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 8176 43 B
297 B 178ms
24ms Image
image/gif 2a05:d01c:1d8:8102:16d8:7090:a613:b3d4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESELcg2nAS-Ju8Z3FluVwe5IM&google_cver=1&google_push=Aer7DvLjq9OBONnI9_y8QgKYqdain1itJGfWN3HVIUYHnC9yOW6um5maDBRmw3nhNmGTMddhOqXAB4CvBxmuylG7dI1VF7mip9D0iDM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=600&adk=2697633112&adf=1762069438&pi=t.aa~a.2641062588~rp.3&w=300&fwrn=4&fwrnh=100&lmt=1681999969&rafmt=1&to=qs&pwprc=8791289769&format=300x600&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681999969293&bpp=1&bdt=1960&idt=1&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9fa29c7156f3390-224ed79ca4dd0006%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_Mb0RZwbAeIj165q87TnwAHaHFtPvQ&gpic=UID%3D00000bd85bb46af7%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_MbEZAhw2M9WHeR8kJZZ-5KwqsNyJg&prev_fmts=0x0%2C630x280&nras=3&correlator=2991797660499&frm=20&pv=1&ga_vid=1757305897.1681999968&ga_sid=1681999968&ga_hid=2104404116&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=1382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073765%2C44719339%2C21065724&oid=2&pvsid=2992756315626802&tmod=1919873232&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=9lGVud9eJ7&p=https%3A//securityaffairs.com&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:16d8:7090:a613:b3d4 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Apr 2023 14:12:50 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8176
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEOpA_xznjxlqtLrgTxVcJto&google_cver=1&google_push=Aer7DvLID65qkvZek7UV8NLNp_DuBh25hApmJct7U4X1x1Fxyh3LxO0zTx-aNU-jKs...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvLID65qkvZek7UV8NLNp_DuBh25hApmJct7U4X1x1Fxyh3LxO0zTx-aNU-jKsbDHfzajhC_VXH-2ubKw9OfNJyb72jyFQrYuHk&google_hm=...

170 B
329 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvLID65qkvZek7UV8NLNp_DuBh25hApmJct7U4X1x1Fxyh3LxO0zTx-aNU-jKsbDHfzajhC_VXH-2ubKw9OfNJyb72jyFQrYuHk&google_hm=X-ZFi80aQkmpp3sbjdB5CB8

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:49 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvLID65qkvZek7UV8NLNp_DuBh25hApmJct7U4X1x1Fxyh3LxO0zTx-aNU-jKsbDHfzajhC_VXH-2ubKw9OfNJyb72jyFQrYuHk&google_hm=X-ZFi80aQkmpp3sbjdB5CB8
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8176 0
130 B 39ms
14ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jc7eeaURJ8qNF98inwnLf3wGbg2EqTmOwHLDy5RuhgFnfjNujFWoWK5JRblj_kAFa_h0hn7w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2229
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

27ms
27ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 14:12:50 GMT
expires: Thu, 20 Apr 2023 14:12:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 14:12:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CDE0 143 B
166 B 8ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1681999969&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681999969255&bpp=3&bdt=1922&idt=3&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9fa29c7156f3390-224ed79ca4dd0006%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_Mb0RZwbAeIj165q87TnwAHaHFtPvQ&gpic=UID%3D00000bd85bb46af7%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_MbEZAhw2M9WHeR8kJZZ-5KwqsNyJg&prev_fmts=0x0&nras=2&correlator=2991797660499&frm=20&pv=1&ga_vid=1757305897.1681999968&ga_sid=1681999968&ga_hid=2104404116&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073765%2C44719339%2C21065724&oid=2&pvsid=2992756315626802&tmod=1919873232&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=3kRDNo0XjO&p=https%3A//securityaffairs.com&dtd=13
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 14:01:25 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A521 1 KB
643 B 8ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 01:43:07 GMT
etag: 48472445140208031
expires: Fri, 21 Apr 2023 01:43:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E865 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 754e41289bc2df6c7df8242d5b772d490e83b684e83b970528ee069751dc4c30

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-4918072057181794&su=securityaffairs.com&eid=44759875%2C44759926%2C44759842%2C31073765%2C44719339%2C21065724&doc=complete&pg_h=4303&pg_w=1600&pg_hs=4303&c=0&aa_c=2&av_h=440&av_w=465&av_a=178200&all_s=30&all_b=2321.500&d=0&all_d=0.205&ard=0&all_ard=0.052&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A521
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHkra08tdAzhudM-piByzDk&google_cver=1&google_push=Aer7DvL-E-j6cGV5ROixMiOwZgPNrNAXGklHg_xyDoLl-t1ar1atTNTxHXiT2GPIaSRTdqZ3KmgzNe91CJUiVW1L...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvL-E-j6cGV5ROixMiOwZgPNrNAXGklHg_xyDoLl-t1ar1atTNTxHXiT2GPIaSRTdqZ3KmgzNe91CJUiVW1LvdGFX4ycbYuPSstvyt6A7RIDo-hCH-...

170 B
188 B

20ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvL-E-j6cGV5ROixMiOwZgPNrNAXGklHg_xyDoLl-t1ar1atTNTxHXiT2GPIaSRTdqZ3KmgzNe91CJUiVW1LvdGFX4ycbYuPSstvyt6A7RIDo-hCH-78hGV3NaTsaXsDZ5j6ipH18QCMa-Hye0aU6dtM6c8

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 20 Apr 2023 14:12:50 GMT
Server: MT3 830 785530e master zrh-pixel-x29 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvL-E-j6cGV5ROixMiOwZgPNrNAXGklHg_xyDoLl-t1ar1atTNTxHXiT2GPIaSRTdqZ3KmgzNe91CJUiVW1LvdGFX4ycbYuPSstvyt6A7RIDo-hCH-78hGV3NaTsaXsDZ5j6ipH18QCMa-Hye0aU6dtM6c8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 20 Apr 2023 14:12:49 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A521
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELtukEhbFnZbnaoct2SoVrI&google_push=Aer7DvI8RUuxX7nJbkIhv9FxfS7uPXcyQYmsPzxoGu7tw25glRmMRSE3eW...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELtukEhbFnZbnaoct2SoVrI&google_push=Aer7DvI8RUuxX7nJbkIhv9FxfS7uPXcyQYmsPzxoGu7tw25glRmMRSE3eWJCNmB4v8-zRuRlwP5Dy4fsxU488X2C6AzpFrHI51jOkoczrASpYqcyhzpFGNr_9q8yRdyOqAxboF4REfUryEjsv3ZOUSxRgjRB6tg

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230118-FRA
pragma: no-cache
date: Thu, 20 Apr 2023 14:12:50 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1681999970.264854,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELtukEhbFnZbnaoct2SoVrI&google_push=Aer7DvI8RUuxX7nJbkIhv9FxfS7uPXcyQYmsPzxoGu7tw25glRmMRSE3eWJCNmB4v8-zRuRlwP5Dy4fsxU488X2C6AzpFrHI51jOkoczrASpYqcyhzpFGNr_9q8yRdyOqAxboF4REfUryEjsv3ZOUSxRgjRB6tg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A521
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEIWX5jXb_dCpJLK0JSFIr6E&google_cver=1&google_push=Aer7DvIasMzZ10xELmQDSToFNdF3fosGVYJc3mEEayROp6Ta5B4KzOILsZ9PU7QSuvwkNyTIwWmDmT9W7OjyFGQZ0KtndGKL0qyxib...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F05DC7C155664D8F9DD6712D6B827A7F&google_push=Aer7DvIasMzZ10xELmQDSToFNdF3fosGVYJc3mEEayROp6Ta5B4KzOILsZ9PU7QSuvwkNyTIwWmDmT9W7OjyFGQ...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F05DC7C155664D8F9DD6712D6B827A7F&google_push=Aer7DvIasMzZ10xELmQDSToFNdF3fosGVYJc3mEEayROp6Ta5B4KzOILsZ9PU7QSuvwkNyTIwWmDmT9W7OjyFGQZ0KtndGKL0qyxibqjUw1yLjDuXKTbgmo27a2LJJ65vaHc4D6xd2UvtMYV6QQULEWWGXCnz1k

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 20 Apr 2023 14:12:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F05DC7C155664D8F9DD6712D6B827A7F&google_push=Aer7DvIasMzZ10xELmQDSToFNdF3fosGVYJc3mEEayROp6Ta5B4KzOILsZ9PU7QSuvwkNyTIwWmDmT9W7OjyFGQZ0KtndGKL0qyxibqjUw1yLjDuXKTbgmo27a2LJJ65vaHc4D6xd2UvtMYV6QQULEWWGXCnz1k
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 19 Apr 2023 14:12:50 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A521
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHHRdPJpiWrRe4rh1Tum3KQ&google_cver=1&google_push=Aer7DvJinMxDZYkEcT7K4_vfPMw3eM_TCggDb8BwVz-XKYeXytUinQD_H56MaUTkoSSl_Ys_b0h9gKRplsk8IdcT8lpI...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJinMxDZYkEcT7K4_vfPMw3eM_TCggDb8BwVz-XKYeXytUinQD_H56MaUTkoSSl_Ys_b0h9gKRplsk8IdcT8lpI1MyklcMFwEYdMWOnByJbdmH274UEoPZqJYppcZwMbc...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJinMxDZYkEcT7K4_vfPMw3eM_TCggDb8BwVz-XKYeXytUinQD_H56MaUTkoSSl_Ys_b0h9gKRplsk8IdcT8lpI1MyklcMFwEYdMWOnByJbdmH274UEoPZqJYppcZwMbcgpvWz-7zqA4Jm_51bx84ZcwgA&google_hm=2U_mFfahRyy9cuc_g34_-Q==

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJinMxDZYkEcT7K4_vfPMw3eM_TCggDb8BwVz-XKYeXytUinQD_H56MaUTkoSSl_Ys_b0h9gKRplsk8IdcT8lpI1MyklcMFwEYdMWOnByJbdmH274UEoPZqJYppcZwMbcgpvWz-7zqA4Jm_51bx84ZcwgA&google_hm=2U_mFfahRyy9cuc_g34_-Q==
date: Thu, 20 Apr 2023 14:12:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame A521 43 B
350 B 41ms
15ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJ6bFPtAZiJZABiIlehl-VE&google_cver=1&google_push=Aer7DvJWaDj3eTzK8XZ72e301oT8ly9B1-ddx_zb7kBTaLgdhnqHWYrbnVMfHpRmlnIlWIzfiGU-fvEUmk7NAiX6uCvm9v_1lMTaO-TqKU5k3QW-sBMZc6R-J4OAnc9E2UJjP_fX5kA7oRe-kzntFLNdrrXA1vE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&h=280&adk=1315944321&adf=224457671&pi=t.aa~a.509917982~i.27~rp.4&w=630&fwrn=4&fwrnh=100&lmt=1681999969&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8791289769&ad_type=text_image&format=630x280&url=https%3A%2F%2Fsecurityaffairs.com%2F145036%2Fcyber-crime%2Ftrigona-ransomware-targets-microsoft-sql-servers.html&fwr=0&pra=3&rh=158&rw=630&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681999969255&bpp=3&bdt=1922&idt=3&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9fa29c7156f3390-224ed79ca4dd0006%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_Mb0RZwbAeIj165q87TnwAHaHFtPvQ&gpic=UID%3D00000bd85bb46af7%3AT%3D1681999968%3ART%3D1681999968%3AS%3DALNI_MbEZAhw2M9WHeR8kJZZ-5KwqsNyJg&prev_fmts=0x0&nras=2&correlator=2991797660499&frm=20&pv=1&ga_vid=1757305897.1681999968&ga_sid=1681999968&ga_hid=2104404116&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31073765%2C44719339%2C21065724&oid=2&pvsid=2992756315626802&tmod=1919873232&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=3kRDNo0XjO&p=https%3A//securityaffairs.com&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:49 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ciro3bliv9baqboicoba09mt1fe0nood

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A521
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pDdSYLRIRwWOjDK48nykqw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pDdSYLRIRwWOjDK48nykqw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKe2Tobs7sXV943bBHzHp0WzPZeKeZv4DjGqKltZ4R4y2f1ZzhutpmIENVZbiZY_-478-DVPw7eXsH5eFe7PTph68kCSLcJlOjoEYQWFNW3Zie0-yBFdkUDYmyuC0BtAWx8kGpRdU3moYxGsx1EB9pkzw

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pDdSYLRIRwWOjDK48nykqw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKe2Tobs7sXV943bBHzHp0WzPZeKeZv4DjGqKltZ4R4y2f1ZzhutpmIENVZbiZY_-478-DVPw7eXsH5eFe7PTph68kCSLcJlOjoEYQWFNW3Zie0-yBFdkUDYmyuC0BtAWx8kGpRdU3moYxGsx1EB9pkzw
date: Thu, 20 Apr 2023 14:12:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A521
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEMssPsgB9K-HeSV8LJd29b4&google_cver=1&google_push=Aer7DvKpWxbp0GHNPznNUeBgw-LoPvpBsvS0NZsYjk5ALqz76mIS88iLiYzMp2arqT...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvKpWxbp0GHNPznNUeBgw-LoPvpBsvS0NZsYjk5ALqz76mIS88iLiYzMp2arqTQYXIBGYfHVq7604DSe8js9nwIw-U7AJEXbuHT6mmroivFYNS...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvKpWxbp0GHNPznNUeBgw-LoPvpBsvS0NZsYjk5ALqz76mIS88iLiYzMp2arqTQYXIBGYfHVq7604DSe8js9nwIw-U7AJEXbuHT6mmroivFYNShm-hvq_ovkNaFjRCtwSBoOm3erDKiezhckLn2k5NDIz7mN&google_hm=X-ZFi80aQkmpp3sbjdB5CB8

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 14:12:49 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvKpWxbp0GHNPznNUeBgw-LoPvpBsvS0NZsYjk5ALqz76mIS88iLiYzMp2arqTQYXIBGYfHVq7604DSe8js9nwIw-U7AJEXbuHT6mmroivFYNShm-hvq_ovkNaFjRCtwSBoOm3erDKiezhckLn2k5NDIz7mN&google_hm=X-ZFi80aQkmpp3sbjdB5CB8
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A521 0
12 B 20ms
15ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JU0bdFz43wQyCgZn9jytCtAVSkKj3YM_203-la2_5gn24_CoAEnnLk2RhZsYzALhG-E98g-w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:12:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CDE0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

20ms
20ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 14:12:50 GMT
expires: Thu, 20 Apr 2023 14:12:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 14:12:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame AB88 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 00:46:03 GMT

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F6DB 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 00:46:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230417&jk=2992756315626802&bg=!n5ylnMjNAAZA7GLoYOw7ADkAdvg8WtPvzsVmnUbXLlnUNtQ5ClkaBoSOw6sLgkOHbziOm2sksRAptr5b4EYyOszMI7TH8Z63DtsCAAAAqFIAAAADaAEHCgAVnRp9MS_pRIoPwRgdktzf2_SwnMb7mQLlGa5EyphH8FcjtgG671mMLuEW2C4Nv1YGGCWpzD7CrJuFQZZTttk1JT4_8mKB2fowDwY2MdjXTv3lZaVdK3-3ywxe6-uU5HlRoDF6M_t8jl9zWzCmME4hi4XqHbyV5c_Yo8ol2z9qJ-etdkO9nRFziqmtr-YhLr8oVEB-qD4g3Wj7BCdXCwTyv1764arnaRr5nef8xztzVP0rPgkmxMZ23wWh1NlUS3GaYQUf6F9Hd_yr2hIVvADUNzW0U64Vy29fcSz0-FwF3nK1LBm2PUFqBou_wJ7gqHyngc7_8mfG58RSiC2CWQBTXD4GgpYbPileBmBElLJ2-bzlDM_lhLD8T_3vkM2bp3O9yWGwjBcPWIbc1pbUt5sYbzo53xV6GBefpiV_mL6If3x6P-CV5mY3VtTLGDrl3MiNi8LGxvqbSJi2dS4X9G0xFcreFYvpvdgibOPrzznslb0z7keh42CZmV9eeL8Q-20rR2Ztj1XFUUdk1sly_WKNqNvJjE8Cay22c6Ky6rHnn1fofwezT1_HKFGMEDNAoeZFJZAQoqDGJsA0aGn3EOHuyIonCc94c7KN4s91Vx08b57AMlhDl1zKn8NiWN3aRCrVT_RXG70cYTFip4S7jlb2m36LCFnIU0CkbuCkqq9dHTAa7YpatIqzLVkqFXQ6hVmnzsSUS-M5MnVd1Ftab6EDD91qVZnkqoTYUeP5CJC9AtFMP_7k1owOhmr3NgKNCJ58qLrxv3cYb4k-WQ7d3AcOImvV5yaqN7e93P4Y6iJhD_fRAVGcVBWC8dJSfNPyoc4JwNDgvJiQFcAQWjjwpxPFHzQD7W86w7-W1-OrYHlekSN7ylU6TN530n6tAWayXtYJPbztgn-BUPxW62ZR2JVkkIvqJdKmOaJip-hXTjiFDtGDZM2Gi-TOCkM0V83AzXqVXEewNpPQN09eHBmsqO1UP5jNxC-0k7SXYTSoomd7pSmAx5uhDxT-AHAALOhy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securityaffairs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.securityaffairs.com/	1970-01-20 20:49:19	Name: _ga_NPN4VEKBTY Value: GS1.1.1681999968.1.0.1681999968.60.0.0
.securityaffairs.com/	1970-01-20 20:49:19	Name: _ga Value: GA1.1.1757305897.1681999968
securityaffairs.com/	1970-01-20 19:58:55	Name: cookielawinfo-checkbox-necessary Value: yes
securityaffairs.com/	1970-01-20 19:58:55	Name: cookielawinfo-checkbox-non-necessary Value: yes
.securityaffairs.com/	1970-01-20 20:49:19	Name: _ga_P62M3QN974 Value: GS1.1.1681999968.1.0.1681999968.0.0.0
.securityaffairs.com/	1970-01-20 20:34:55	Name: __gads Value: ID=b9fa29c7156f3390-224ed79ca4dd0006:T=1681999968:RT=1681999968:S=ALNI_Mb0RZwbAeIj165q87TnwAHaHFtPvQ
.securityaffairs.com/	1970-01-20 20:34:55	Name: __gpi Value: UID=00000bd85bb46af7:T=1681999968:RT=1681999968:S=ALNI_MbEZAhw2M9WHeR8kJZZ-5KwqsNyJg
.doubleclick.net/	1970-01-20 11:13:23	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 20:34:55	Name: IDE Value: AHWqTUllNYdGVt8SSZI4-68_f1w1O7wpPD74vk0arVdMcPgKE3y6jSopL5CztXvx3kQ
.bidswitch.net/	1970-01-20 19:58:55	Name: tuuid Value: d94fe615-f6a1-472c-bd72-e73f837e3ff9
.bidswitch.net/	1970-01-20 19:58:55	Name: c Value: 1681999970
.bidswitch.net/	1970-01-20 19:58:55	Name: tuuid_lu Value: 1681999970
.ctnsnet.com/	1970-01-20 19:58:55	Name: gid_CAESEOpA_xznjxlqtLrgTxVcJto Value: 1
.pubmatic.com/	1970-01-20 11:14:46	Name: KTPCACOOKIE Value: YES
.bidswitch.net/	1970-01-20 11:13:20	Name: google_push Value: Aer7DvJinMxDZYkEcT7K4_vfPMw3eM_TCggDb8BwVz-XKYeXytUinQD_H56MaUTkoSSl_Ys_b0h9gKRplsk8IdcT8lpI1MyklcMFwEYdMWOnByJbdmH274UEoPZqJYppcZwMbcgpvWz-7zqA4Jm_51bx84ZcwgA
.ctnsnet.com/	1970-01-20 19:58:55	Name: gid_CAESEMssPsgB9K-HeSV8LJd29b4 Value: 1
.ctnsnet.com/	1970-01-20 19:58:55	Name: cid Value: 5fe6458bcd1a4249a9a77b1b8dd07908
.pubmatic.com/	1970-01-20 19:58:55	Name: KADUSERCOOKIE Value: F89297D3-BDBB-402C-8F96-9C56B1975E86
.adform.net/	1970-01-20 11:56:31	Name: C Value: 1
.mathtag.com/	1970-01-20 20:39:15	Name: uuid Value: abd36441-4863-4b00-829f-bd2b77d8605e
.mathtag.com/	1970-01-20 11:56:31	Name: mt_mop Value: 4:1681999971
.everesttech.net/	1970-01-20 19:58:55	Name: everest_g_v2 Value: g_surferid~ZEFIYgAEKnsalwAn
.innovid.com/	1970-01-20 13:22:55	Name: uuid Value: 5c84cf75-3564-4947-aa7a-0e88a69f01d5-20230420 10:12:50
.simpli.fi/	1970-01-20 20:00:22	Name: suid Value: F05DC7C155664D8F9DD6712D6B827A7F
.adform.net/	1970-01-20 12:39:43	Name: uid Value: 7348670883773958306

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
buttons-config.sharethis.com
c1.adform.net
cm.g.doubleclick.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i0.wp.com
image6.pubmatic.com
ius.ctnsnet.com
l.sharethis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pixel.wp.com
platform-api.sharethis.com
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
secure.gravatar.com
securityaffairs.com
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.mathtag.com
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
13.32.99.34
142.250.185.162
151.101.194.49
185.29.132.241
192.0.76.3
192.0.77.2
198.47.127.19
2001:4860:4802:32::36
2600:9000:2451:1600:c:abe:f440:93a1
2606:4700:3031::6815:90b
2a00:1450:4001:802::2001
2a00:1450:4001:802::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9b
2a04:fa87:fffe::c000:4902
2a05:d01c:1d8:8102:16d8:7090:a613:b3d4
3.120.144.155
3.121.88.215
34.91.62.186
35.186.193.173
35.186.253.211
37.157.4.24
69.173.144.165
0047733bc76e5bd8c521cf094dd73b5d482e7d062bbf513f801abccf81d47696
0255909b7cb5511843e8e9d6414f99d023237cdb954705d68c4ff0d3cd752d6b
05e13699de11900f37b7918877d0dfd2be031fbb8df80051d2630a53937b491b
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1009b5a8852ca3fdbdacabac3778cf9dea8f91a58d36466a5fe20d0441ead1f7
12e29fa8c4f9d7702cdea6663458a4084007fe4521117610c456c54e6644e07c
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2
167bdead3314274ec6816ae851d767dd0ca9d1f9a2858b8ed0f1820657096097
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1bc01f5dce1abbb488672d5b582b0dcca83b1fe3b059d6e291a8c4c476f7c936
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
28275dbcd3747f460a53102bb9dad566db20349335371cef756c72f4ab155431
2b2f29c09f66c434d6fbfc5ce30995ace2023179995cafcb4f3c78fc83e2ea92
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f
2f594c614f282b4aa13357496d01e5ad7bf60b270e0786cae089bbbfb4b97f5c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3570b0809823e912b040bb8d99048d5e85ceabf830ef064e306c0a1901a08e11
377dfee56ff358431ffb7e4c735d4c7c8972012c810d875ed49549124e15bd83
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502ccf0c75e3798b193e4495e5f09b093bbd2d003f2f0740ffbff90f4c10d24d
51df3ca60fafe5df2786ce34c4b6dff5af9bb0a061f1808783f65bb1016e016d
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74
5defe7611a897f73d449f21189ca5e35529d3d2afefdb4ba17006d6d8f70470c
604ce4af2306a07a191261d91f8706b76669d2f864c8bb526c191ca4d31ba3cd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
696ba92e789802d7f0f9be9df74e4e93fca67e1770aba35d0eb58d2455a9809a
73e52be898a7afbbfa119fdb5a95ca82c2b914da8d756404f7e5c7e0b6ff1928
751ae0b0e7b20fc45203c90e0c3391e1aa983f57327fb31d96dda46f7232ad45
754e41289bc2df6c7df8242d5b772d490e83b684e83b970528ee069751dc4c30
76666e1893a682c94cbf578809f3e9e2f89484776ad8121e2e5fb1c0e454548a
7c11433c4dc7cf18972c22ca0f2cf78493b92aaf89bab4dab47c6c9b6c551d50
7c4baf058901663c6879894c0067cf923fa200cb95a0a4c25b1471a62c2a63c8
80fbea07cdd569d398c7e00d9139c0387ae1faa3d65af7a1940fc30621f7b036
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4
914c2c38bcf8be8ae0bb37e800573341c8134e54b5ced5303c1d3f172d7e6c96
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92437e3e6156ddd0cd2247abf90572b6ce73a00c1e70ec524871b9c07609562b
94f229715266533168e8bde4c66fc0b249d45e022cb9cc333495f4a68a702017
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a04aa9666a49a1c434d7e44268f399e0c1dc1b306a2cc6f3414551364c217b4d
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a21958bb9ac6e79d8284ca2ea76435fa6cb333910fc6053ac149dbe49692cf79
a27ec1fd8ca4ecd1da47114489e56fa719143743f04e5ac24d40dd0206095c89
a37deb9dd04cdebb5a80730395780332c03ec667693b3ddb06d8983157679d64
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ea1f3c6951b71eb83050cd630f9c7c1c736b5b277d38a0e4465d80a5e53d4d
a8e0c2a382af28fc09bc75e63405138ed88021ff253131b530267052c0599deb
a93c1ac24fad6ffb0de84e1f56b111e8b177d68a2948ffe1c87d9c02bb68b2d1
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56
af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b33e3ff7c01e9eb947faf1bd0dd31d3d210ff9fdf809f2db3938b5b865b9cc31
b5643c5e548ec3aab5786c3845bce65a8ab30d48b62ba2586373ff84589ea13d
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b947350166d7e9dba1b9b802da7893cb1894e8d8f7d93513d7034c640742a4f7
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bc579adb9c01af6778a9ca70a43887f508641d8ad065c7c0b5458d013a8283b5
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bea141b0e1c016faface442cf56dae318f97789bea95d633da28014d5233a934
c0852e181657391d487efc460abb6b067e3f89acee6fdd252db5a83a82c25adf
c0cdcd8ec8a31ea6e81be09bbe37444f2f95baac945b3b15b9f2437a4b36db22
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
c9b6164ccc60fa98562a1d315d63a961a7ffa16183117a6a5f6d5bf3893283c0
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cb2327659ed684596ff8a29c6e2c30867c4514e0b4139ad11abdb3435e386d9b
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
d2f9e27942c2f7c73121bf086987c33c91fd076f08ecbd549c2c02646e8324fa
d5133a1035cbf203be573cc6e15a2d4f8477b62568bea772b2192dc68c4980e5
d6f712bb063293806236d362715f5f3f134ddeb3da95e66f7f7d5f1311975296
d7a1bdec6b5209de5be156a573409f2f9e30488cca22fb380d2234057c7973f1
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
db4312bece8d50799c3e99a316a58218a527df0f25b93c3e075e04712e20cacf
dd35363d56e4fc8e946c08ab06bc2ef1345c022893649ea5c086b9b275504b3a
dddb102ffcaede7d2b9f77dd316851396459d8af674fb871fe02eb57bad5d160
de388133349b949cb9b65062b8ef27e51894b36cd610443959e3478ac25980cf
e2a3522e6e082fa56d0eb9bf893a6bddc957911a05ff9a35a1c5e6982abe583e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee86b02e97bfb8f83af87a4f7991c713e1e90dce091524c0c675b393091b6ff7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
ff09b87717849a3e1e73c285ca180af2d1e9b5a78edac97e6c24a1cbe52d6a32

securityaffairs.com Open in urlscan Pro 2606:4700:3031::6815:90b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

162 Requests

93 %HTTPS

56 %IPv6

24 Domains

35 Subdomains

25 IPs

7 Countries

2757 kBTransfer

5580 kBSize

25 Cookies

20 Outgoing links

Redirected requests

162 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

securityaffairs.com Open in urlscan Pro
2606:4700:3031::6815:90b Public Scan

Screenshot
Live screenshot

Full Image

162
Requests

93 %
HTTPS

56 %
IPv6

24
Domains

35
Subdomains

25
IPs

7
Countries

2757 kB
Transfer

5580 kB
Size

25
Cookies

162 HTTP transactions
3 data transactions