URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Submission: On September 19 via manual from CA — Scanned from CA

Summary

This website contacted 63 IPs in 6 countries across 75 domains to perform 396 HTTP transactions. The main IP is 104.20.184.56, located in and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com. The Cisco Umbrella rank of the primary domain is 90166.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 2nd 2024. Valid for: a year.
This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains no links.

Subject | Issuer | Validity | Valid
bleepingcomputer.com | Sectigo RSA Domain Validation Secure Server CA | 2024-05-02 - 2025-05-03 | a year
upload.video.google.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
bleepstatic.com | WE1 | 2024-09-09 - 2024-12-08 | 3 months
pub.network | WE1 | 2024-09-17 - 2024-12-16 | 3 months
*.google-analytics.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
*.g.doubleclick.net | WR2 | 2024-08-12 - 2024-11-04 | 3 months
capi.connatix.com | WE1 | 2024-09-08 - 2024-12-07 | 3 months
analysis.fi | Amazon RSA 2048 M03 | 2024-09-02 - 2025-09-30 | a year
*.firstimpression.io | Sectigo RSA Domain Validation Secure Server CA | 2023-11-28 - 2024-12-05 | a year
connatix.com | WE1 | 2024-08-25 - 2024-11-23 | 3 months
*.gstatic.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
d.pub.network | WR3 | 2024-09-12 - 2024-12-11 | 3 months
*.doubleclick.net | WR2 | 2024-08-12 - 2024-11-04 | 3 months
*.outbrain.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-14 - 2024-12-14 | a year
*.escalated.io | Amazon RSA 2048 M02 | 2024-03-24 - 2025-04-23 | a year
optimise.net | WR3 | 2024-09-09 - 2024-12-08 | 3 months
c.pub.network | WR3 | 2024-09-09 - 2024-12-08 | 3 months
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-08-26 - 2024-11-20 | 3 months
confiant-integrations.net | WE1 | 2024-09-09 - 2024-12-08 | 3 months
c.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-12-30 - 2024-12-04 | a year
hadronid.net | WE1 | 2024-07-27 - 2024-10-25 | 3 months
edkt.io | WR3 | 2024-08-03 - 2024-11-01 | 3 months
sp.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2024-07-30 - 2025-01-22 | 6 months
id.hadron.ad.gt | WE1 | 2024-07-23 - 2024-10-21 | 3 months
*.id5-sync.com | E5 | 2024-09-01 - 2024-11-30 | 3 months
*.liadm.com | Amazon RSA 2048 M02 | 2024-07-31 - 2025-08-29 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2024-04-23 - 2025-05-25 | a year
quantserve.com | R11 | 2024-08-23 - 2024-11-21 | 3 months
*.ntv.io | DigiCert TLS RSA SHA256 2020 CA1 | 2024-07-31 - 2025-07-31 | a year
ins.connatix.com | WE1 | 2024-08-13 - 2024-11-11 | 3 months
vid.connatix.com | WE1 | 2024-09-12 - 2024-12-11 | 3 months
track.adform.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-09-03 - 2025-09-24 | a year
*.bidswitch.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-16 - 2024-10-16 | 3 months
*.yellowblue.io | Amazon ECDSA 256 M03 | 2024-03-18 - 2025-04-16 | a year
*.crwdcntrl.net | Amazon RSA 2048 M02 | 2024-09-07 - 2025-10-07 | a year
config.aps.amazon-adsystem.com | Amazon RSA 2048 M02 | 2024-01-21 - 2025-02-19 | a year
alt1-3ps.amazon-adsystem.com | Amazon RSA 2048 M03 | 2024-03-29 - 2025-04-28 | a year
*.eu-1-id5-sync.com | R10 | 2024-09-01 - 2024-11-30 | 3 months
a248.e.akamai.net | DigiCert TLS RSA SHA256 2020 CA1 | 2024-04-18 - 2025-04-19 | a year
a.ad.gt | WE1 | 2024-08-07 - 2024-11-05 | 3 months
secure.cdn.fastclick.net | DigiCert TLS RSA SHA256 2020 CA1 | 2024-08-07 - 2025-08-07 | a year
*.33across.com | Sectigo RSA Domain Validation Secure Server CA | 2024-09-05 - 2025-09-30 | a year
id5-sync.com | WE1 | 2024-08-02 - 2024-10-31 | 3 months
*.ingage.tech | Sectigo RSA Organization Validation Secure Server CA | 2024-08-01 - 2025-08-11 | a year
ad-delivery.net | WE1 | 2024-09-12 - 2024-12-11 | 3 months
api.floors.dev | WR3 | 2024-08-26 - 2024-11-24 | 3 months
*.adnxs.com | GeoTrust ECC CA 2018 | 2024-02-14 - 2025-03-16 | a year
*.pubmatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-03-19 - 2025-04-19 | a year
prebid.media.net | WR3 | 2024-08-09 - 2024-11-07 | 3 months
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-07-30 - 2025-04-03 | 8 months
s2s.t13.io | WR3 | 2024-09-05 - 2024-12-04 | 3 months
*.3lift.com | Amazon RSA 2048 M02 | 2024-03-13 - 2025-04-10 | a year
casalemedia.com | E5 | 2024-08-15 - 2024-11-13 | 3 months
*.ybp.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2024-09-06 - 2025-03-05 | 6 months
*.ad.gt | Amazon RSA 2048 M02 | 2024-03-10 - 2025-04-08 | a year
ccgateway.net | E5 | 2024-08-07 - 2024-11-05 | 3 months

This page contains 12 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Frame ID: 05DF6855F421209BEB93A83495121216
Requests: 331 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Frame ID: 3E344A1C4DBF6C3EEBE87AC8026D661C
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240916/r20110914/zrt_lookup_fy2021.html
Frame ID: 86846636EE2535290F7923040CA7BBB5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1726267479&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiepr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726752941151&bpp=6&bdt=2752&idt=1403&shv=r20240916&mjsv=m202409120101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1586041321925&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087218%2C95342765%2C95342338&oid=2&pvsid=2992154380907323&tmod=2139344520&uas=0&nvt=1&fsapi=1&fc=896&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=1619
Frame ID: 97AFA0CD0B7C7BD7D31ABB943DA971BC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 7BE1760F229C7CB887814DE0C0079650
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0
Frame ID: F69647E19F6B8F83D638F5B88643A256
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D660e6b66996a490e85b1a7c15e2b4b7f%26DemandPartnerName%3D_33Across%26tier%3D1%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0
Frame ID: C10FA8001CE17A852D2540162E916701
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D660e6b66996a490e85b1a7c15e2b4b7f%26DemandPartnerName%3DPubmatic%26tier%3D1%26DemandPartnerUserId%3D&gdpr=0
Frame ID: 69CAD6C57F0867A6771F43A0B95E04C8
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d660e6b66996a490e85b1a7c15e2b4b7f%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1
Frame ID: 4E8F94433BA107096B3D371DD17FB7B3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 9900F342E4D81EED9FB509B3172F374C
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 8E01825ED82EFCDCE0C818DA543B2707
Requests: 1 HTTP requests in this frame

Frame: https://7a6ca953a7993755c4024080786e3253.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FAE4C61A07E9AE6E61BCD634EAD51B55
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 396
HTTPS: 65 %
IPv6: 0 %
Domains: 75
Subdomains: 112
IPs: 63
Countries: 6
Transfer: 2651 kB
Size: 7774 kB
Cookies: 90

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
  • https://www.gstatic.com/prose/brandjs.js
Request Chain 28
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
  • https://www.gstatic.com/prose/brandjs.js
Request Chain 82
  • https://capi.connatix.com/core/sync HTTP 302
  • https://capi.connatix.com/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0
Request Chain 87
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 92
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.8&coppa=0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.8&coppa=0&b=1&tp=ohqGK%2FjR%2BpbTvHaSzLLbzuGo00wRZuFk8hlfLOYMQI0%3D
Request Chain 100
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.8&coppa=0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.8&coppa=0&b=1&tp=Iwa2%2Bz9mbyC0JJ1QPCij7sSz5jHf3eUg5hJRTuYRb%2BI%3D
Request Chain 109
  • https://rp.liadm.com/j?dtstmp=1726752946175&did=did-0047&se=e30&duid=83077f409aa5--01j857xwvpfdt0vces3nt7r7w2&tv=8.49.8&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&wpn=prebid&cd=.bleepingcomputer.com HTTP 302
  • https://rp.liadm.com/j?dtstmp=1726752946175&did=did-0047&se=e30&duid=83077f409aa5--01j857xwvpfdt0vces3nt7r7w2&tv=8.49.8&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&wpn=prebid&cd=.bleepingcomputer.com&n3pc=true
Request Chain 120
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DIndex%26api-tier%3D1%26uid%3D&gdpr=0 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DIndex%26api-tier%3D1%26uid%3D&gdpr=0&s=190549&C=1 HTTP 302
  • https://cks.connatix.com/cks?pid=17&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Index&api-tier=1&uid=ZuwotNHM6VUAAGKwAFEXggAA%263513
Request Chain 121
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&gdpr=0 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&gdpr=0&_bee_ppp=1 HTTP 303
  • https://cks.connatix.com/cks?pid=15&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Beeswax&api-tier=1&uid=AABZak7N2FIAABYXV8En4A&gdpr=0
Request Chain 122
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=19&uid=bc8b0835-1393-4f63-9270-2da844e8deab&ttl=1729344948
Request Chain 123
  • https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DAmobee%26api-tier%3D1%26uid%3D%23USER_ID%23&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=21&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Amobee&api-tier=1&uid=4431262957904967240
Request Chain 124
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DTripleLift%26api-tier%3D1%26uid%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DTripleLift%26api-tier%3D1%26uid%3D%24UID HTTP 302
  • https://cks.connatix.com/cks?pid=25&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=TripleLift&api-tier=1&uid=515864219262712206300
Request Chain 125
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DAppNexus%26api-tier%3D1%26uid%3D%24UID=&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D6%2526ev%253D660e6b66996a490e85b1a7c15e2b4b7f%2526pname%253DAppNexus%2526api-tier%253D1%2526uid%253D%2524UID%3D%26gdpr%3D0 HTTP 302
  • https://cks.connatix.com/cks?pid=6&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=AppNexus&api-tier=1&uid=581897326773403389=&gdpr=0
Request Chain 126
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D44%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DNexxen%26api-tier%3D1%26uid%3D%5BRX_UUID%5D&gdpr=0 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&zcc=1&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D44%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DNexxen%26api-tier%3D1%26uid%3D%5BRX_UUID%5D&cb=1726752938399 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&id=RX-77f2fc8e-b914-43b5-afd5-d80cfef17de3-005&rndcb=1945522523 HTTP 302
  • https://sync.1rx.io/usersync/turn/8015622402356240821?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-77f2fc8e-b914-43b5-afd5-d80cfef17de3-005?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D44%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DNexxen%26api-tier%3D1%26uid%3DRX-77f2fc8e-b914-43b5-afd5-d80cfef17de3-005 HTTP 302
  • https://cks.connatix.com/cks?pid=44&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Nexxen&api-tier=1&uid=RX-77f2fc8e-b914-43b5-afd5-d80cfef17de3-005
Request Chain 127
  • https://ssbsync.smartadserver.com/api/sync?callerId=6&nwid=3630&gdpr=0&gdpr_consent=null&url=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d40%26ev%3d660e6b66996a490e85b1a7c15e2b4b7f%26pname%3dSmartAdServer%26api-tier%3d1%26uid%3D%5Bsas_uid%5D HTTP 302
  • https://capi.connatix.com/us/pixel?puid=1025924811267706626&pId=40&gdpr=0&gdpr_consent=
Request Chain 130
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D660e6b66996a490e85b1a7c15e2b4b7f%26DemandPartnerName%3D_33Across%26tier%3D1%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0 HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D660e6b66996a490e85b1a7c15e2b4b7f%26DemandPartnerName%3D_33Across%26tier%3D1%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0
Request Chain 132
  • https://match.sharethrough.com/universal/v1?supply_id=WIMKYDH0&gdpr=0&gdpr_consent=null&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d45%26ev%3d660e6b66996a490e85b1a7c15e2b4b7f%26pname%3dSharethrough%26api-tier%3d1%26uid%3d%7BUSER_ID%7D HTTP 302
  • https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=0f918fba-cde2-4226-9f81-74432a0e5288&gdpr=0&gdpr_consent=null
Request Chain 133
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DPulsePoint%26api-tier%3D1%26uid%3D%25%25VGUID%25%25&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=13&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=PulsePoint&api-tier=1&uid=entIUMJq7Y6Q
Request Chain 134
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr={gdpr}&gdpr_consent={gdpr_consent}&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d48%26ev%3d660e6b66996a490e85b1a7c15e2b4b7f%26pname%3dSmaato%26api-tier%3d1%26uid%3D%24UID HTTP 302
  • https://cks.connatix.com/cks?pid=48&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Smaato&api-tier=1&uid=6db2e17714
Request Chain 135
  • https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DCrimtan%26api-tier%3D1%26uid%3D%5Buser_id%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=28&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Crimtan&api-tier=1&uid=4b889810fd7f4e8c83fe907574592b07
Request Chain 136
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DSonobi%26api-tier%3D1%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=43&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Sonobi&api-tier=1&uid=efcb09bb-e5a1-4f81-8bc3-973d1c186f0c
Request Chain 139
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DCentro%26api-tier%3D1%26uid%3D%7BuserId%7D&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DCentro%26api-tier%3D1%26uid%3D%7BuserId%7D&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=b75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Db75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D660e6b66996a490e85b1a7c15e2b4b7f%2526pname%253DCentro%2526api-tier%253D1%2526uid%253Db75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553%2526gdpr%253D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=b75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Db75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D660e6b66996a490e85b1a7c15e2b4b7f%2526pname%253DCentro%2526api-tier%253D1%2526uid%253Db75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553%2526gdpr%253D0&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=b75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DCentro%26api-tier%3D1%26uid%3Db75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=b75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DCentro%26api-tier%3D1%26uid%3Db75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553%26gdpr%3D0 HTTP 302
  • https://cks.connatix.com/cks?pid=9&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Centro&api-tier=1&uid=b75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553&gdpr=0
Request Chain 140
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DYieldMo%26api-tier%3D1%26uid%3D%24UID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=39&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=YieldMo&api-tier=1&uid=VRYofYYK3oYot_1DS8ch&gdpr=0
Request Chain 141
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=660e6b66996a490e85b1a7c15e2b4b7f&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DTelaria%26api-tier%3D1%26uid%3D%5BTVUSER_ID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=5&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Telaria&api-tier=1&uid=e41d024793374cf499f781052764e5f1
Request Chain 142
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=ebe0e44056419bacaa87a61f23a4c317&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Request Chain 144
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DResetDigital%26api-tier%3D1%26uid%3D%24USER_ID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=35&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=ResetDigital&api-tier=1&uid=0000015ABACC79AE
Request Chain 146
  • https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=660e6b66996a490e85b1a7c15e2b4b7f&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D34%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DColossus%26api-tier%3D1%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=34&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Colossus&api-tier=1&uid=62b6fdf2-16a5-45a0-9002-6edbd2aac242
Request Chain 147
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DSundaySky%26api-tier%3D1%26uid%3D%24%7Bssky_uuid%7D&gdpr=0 HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DSundaySky%26api-tier%3D1%26uid%3D%24%7Bssky_uuid%7D&gdpr=0&_cvt=t HTTP 302
  • https://cks.connatix.com/cks?pid=1&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=SundaySky&api-tier=1&uid=d6.568403bec21748e2ba58c1db28832e28
Request Chain 148
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DAdelphic%26api-tier%3D1%26uid%3D%24%7BADELPHIC_CUID%7D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=29&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Adelphic&api-tier=1&uid=31b7a3b9-e544-4ba9-a78c-96fec3de5650
Request Chain 152
  • https://capi.connatix.com/us/google/pixel?tier=1&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=NjYwZTZiNjY5OTZhNDkwZTg1YjFhN2MxNWUyYjRiN2Y&extra1=660e6b66996a490e85b1a7c15e2b4b7f&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix.com%2fus%2fgoogle%2freport HTTP 302
  • https://capi.connatix.com/us/google/report?extra1=660e6b66996a490e85b1a7c15e2b4b7f&gdpr=0
Request Chain 248
  • https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896&w= HTTP 302
  • https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896

396 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
77 KB
17 KB
Document
General
Full URL
https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.184.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de4b8ef94d50f377ac098fe768c23f84b9eed59d09ab46f68a1555a25a0f3991
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8c59f5c51c6c3a08-YYZ
content-encoding
br
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Thu, 19 Sep 2024 13:35:38 GMT
expires
0
last-modified
Fri, 13 Sep 2024 22:44:39 GMT
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.106 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f10.1e100.net
Software
ESF /
Resource Hash
d9a0b2a5b4fee4e6e2f74e8131619545972b864657c524d16a52f2618a429eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 13:35:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 19 Sep 2024 13:35:39 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bootstrap.min.css
www.bleepstatic.com/js/redesign/bootstrap/css/
119 KB
20 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap/css/bootstrap.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"624975547"
age
1529
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RZ%2FqfJ3OGP354rBxEW9L%2Bx4xgCmKj%2BOLHgV3K6to2NwW3pWS6O%2FyZSLRhHMAniH1sQiWly8T3Wans2t3nkgbv0IzmLGzQSfdcYi6VV14n%2FemtQrUUPzyWoKCR%2Bk6Qdc3jFGsG7E%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 03 Jun 2024 14:52:20 GMT
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Wed, 13 Feb 2019 14:22:49 GMT
cache-control
max-age=3024000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5cddf23ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
19736
server
cloudflare
main.css
www.bleepstatic.com/css/redesign/
52 KB
11 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/css/redesign/main.css?v=09.15.24.12
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb8da43c7a789f41fb8a1de1dc61f043791d861ff7740bf0569f690135f87d99

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"20543809"
age
303601
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fhvU4smyvItyAUQc091I00240QqGoHzU5KJv3DHEPj3U2eukQu84xI4DnKIKuI8yBkeC3ZuQsUZNzmyl57KsB9WHtLOgOcDFrUF3VXcljXPHImKVEl%2BmDnJ777IGVicxmFWh3bU%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 21 Oct 2024 01:15:37 GMT
cf-polished
origSize=65966
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
text/css
last-modified
Mon, 16 Sep 2024 01:15:26 GMT
vary
Accept-Encoding
cache-control
max-age=3024000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5cddf27ac78-YYZ
access-control-allow-origin
*
server
cloudflare
home.css
www.bleepstatic.com/css/redesign/
12 KB
3 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/css/redesign/home.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca22345f969dd8077c21281572a34d4a51bc6a5ad9d764bd1338b2c12a68c3e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"327631530"
age
1529
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ABj7gdQMZ1hEVq2sgbPOxNkTTOy2e%2F4kueGdzsGcpvofj2vNVQxDKLAHorIow7HUZ6WesQIS1Mdak9XgDhILXcHA%2Fc%2FXT4MsHAvNx3oGrMxW21WkJh0M8snr0ThtwtwrRLhB8WI%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 03 Apr 2024 20:19:37 GMT
cf-polished
origSize=15024
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
text/css
last-modified
Wed, 14 Dec 2022 03:04:07 GMT
vary
Accept-Encoding
cache-control
max-age=3024000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5cddf26ac78-YYZ
access-control-allow-origin
*
server
cloudflare
news.css
www.bleepstatic.com/css/redesign/
29 KB
6 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/css/redesign/news.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0220920afed632cb20f241b0695b9776b4499643b437735ad75ffa9f3add2f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"3577295436"
age
209998
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=puEbNwJsaj%2FXuKPKVDtrG3Oe%2FMSjx5CKfWu4pr9i6Uo87zr0LvjqPkizxWmd0CI3vwX0Rz0IJPBPxcd%2F7SgGYd2vWaTVdLS24JLfNfFqRAUnStN7xZnR8OtAWVQtbsb1CPFcFUE%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 22 Oct 2024 03:15:41 GMT
cf-polished
origSize=36679
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
text/css
last-modified
Tue, 17 Sep 2024 03:15:23 GMT
vary
Accept-Encoding
cache-control
max-age=3024000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5cddf25ac78-YYZ
access-control-allow-origin
*
server
cloudflare
jquery-3.5.1.min.js
www.bleepstatic.com/js/redesign/
87 KB
31 KB
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/jquery-3.5.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1177690299"
age
29
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hg97g9HPh8av0BH90eUvOLZE7Dvtix0djTIWc5ByCpnRr64KAhMQu6OUhnzAoXsuBLcHvjxGzmbxU2S3M1VLCbEEEPbwsHk3%2F6cfqnhItRM5VK%2BWovuexF%2BNZjwxhYLdAgenH6Q%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 03 Apr 2024 21:34:30 GMT
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 04 May 2020 23:02:39 GMT
cache-control
max-age=3024000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5cddf28ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
30950
server
cloudflare
jquery-migrate-1.4.1.min.js
www.bleepstatic.com/js/redesign/
10 KB
4 KB
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/jquery-migrate-1.4.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"2177127834"
age
29
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3LWXmK5XgkhJuLtK4os6pufjmt%2FAhloglebUaZgT15y%2BVQlj5iyU2%2BgFuuC5JDW7aiYGNWK4SIqpALQ%2B9jwtg7TAPh%2FPuRr9oyM%2Fftz4C7xiXhE5hPNGcNYHTpuI9Nul%2Fa8MPmY%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 03 Jun 2024 14:52:19 GMT
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Fri, 20 May 2016 01:26:30 GMT
cache-control
max-age=3024000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5cddf29ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
4014
server
cloudflare
news.js
www.bleepstatic.com/js/redesign/
183 B
548 B
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/news.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"4218930423"
age
29
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1fQYuK%2Fy%2BzLm0SJx0lpP06m9IoqDBHwlbnvMyTTWKVvphhYNCsqskhsl2pXkbQzunivPk2FXXsPpAxb1t%2F8sTX9hdQWHBTf6mxCdHmydc7ZMml%2FY3NU%2BO%2BFXJ2eEB8tb8GGeyYQ%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 03 Jun 2024 14:53:51 GMT
cf-polished
origSize=247
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
text/javascript
last-modified
Wed, 16 Dec 2015 15:41:46 GMT
vary
Accept-Encoding
cache-control
max-age=3024000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5d08a44ac78-YYZ
access-control-allow-origin
*
server
cloudflare
cls.css
a.pub.network/core/pubfig/
2 KB
1 KB
Stylesheet
General
Full URL
https://a.pub.network/core/pubfig/cls.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
access-control-expose-headers
*
x-goog-hash
crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
cf-cache-status
HIT
etag
W/"816783146b3907e634d0e822ca759864"
age
336
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Thu, 19 Sep 2024 14:35:38 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
2096
date
Thu, 19 Sep 2024 13:35:38 GMT
content-type
text/css
last-modified
Fri, 28 Oct 2022 14:36:10 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljs9HZTPQ3Wlh6IrMlYLZOhDn2EZjHa_u7yuFCb4mI6RlaVop7mLLKonZJLEsB7f0HAB_2dTdEsl3w
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8c59f5cc396736c4-YYZ
access-control-allow-origin
*
x-goog-generation
1666967770269941
server
cloudflare
pubfig.min.js
a.pub.network/bleepingcomputer-com/
40 KB
16 KB
Script
General
Full URL
https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b101d0011cc2321a6466608677f6ea58ecb9b4a143b407de8d7fe917851cb1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=lD3Nfg==, md5=gCq8FQwIpCVVGnUnKxszsA==
cf-cache-status
HIT
etag
W/"802abc150c08a425551a75272b1b33b0"
age
65129
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Thu, 19 Sep 2024 14:05:39 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
41111
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
application/javascript
last-modified
Mon, 16 Sep 2024 13:38:55 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljuF37AD6Z1dTnWzMf398J87Dr-dGlFMLFcVdk9MJKZX4182M4O8lI-YvCnCpeZ_MKyM8ro
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://d.pub.network/v2/sites/bleepingcomputer-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
cache-control
public, max-age=1800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8c59f5d08cee36c4-YYZ
access-control-allow-origin
*
x-goog-generation
1726493934932245
server
cloudflare
js
www.googletagmanager.com/gtag/
318 KB
106 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GD465VRQLD
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.40 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d494a3de8843d2b6f410108d63b83b440737514b9c2e36580870cbf41a79af3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Thu, 19 Sep 2024 13:35:40 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108060
date
Thu, 19 Sep 2024 13:35:40 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
logo.png
www.bleepstatic.com/images/site/
1 KB
1 KB
Image
General
Full URL
https://www.bleepstatic.com/images/site/logo.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
1221064
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TslXyiwbohoz69RYOyYfy0x0oaiXaorA%2FBREBkHPdNIb6aPqJ%2BPWPQPzRFMBTa%2FyL0Jq4P6KJ7Yj2vq10XuPUOewhPeFdPZYfEn53leHhVunHey%2B6%2B8DNI7nOJFnhdix0FkzKVM%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 05 Oct 2024 10:24:35 GMT
cf-polished
origFmt=png, origSize=1882
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
image/webp
content-disposition
inline; filename="logo.webp"
vary
Accept
last-modified
Sat, 04 Mar 2017 04:12:00 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5d08a47ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1152
server
cloudflare
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://www.gstatic.com/prose/brandjs.js
14 KB
6 KB
Script
General
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Server
142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
sffe /
Resource Hash
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
77722
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 16:00:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 16:00:19 GMT
last-modified
Tue, 06 Apr 2021 15:14:29 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
5807
x-xss-protection
0
server
sffe

Redirect headers

cache-control
public, max-age=1800
location
https://www.gstatic.com/prose/brandjs.js
age
1452
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 13:41:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
date
Thu, 19 Sep 2024 13:11:28 GMT
content-type
text/html; charset=UTF-8
server
sffe
ThreatLocker-970x250.png
www.bleepstatic.com/c/t/threatlocker/
27 KB
27 KB
Image
General
Full URL
https://www.bleepstatic.com/c/t/threatlocker/ThreatLocker-970x250.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9da1e14c55cde6c9ef821ed9281ad6f79c0320fb9e7286654d5f85b38054b33b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
53996
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kP2vz2jPDwmlgySKnzKeDSYnt%2BUvr5GLhi4GFydupaUEGiWI%2BKnNifLO4KheoQTXwbJnCcdFvBWFo5XjzptHcFt4HP3lyjxrKfUthKEUvuZOm06911shWxsSCQU9SGmV2FmTpSM%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 18 Oct 2024 22:35:43 GMT
cf-polished
origFmt=png, origSize=49906
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
image/webp
content-disposition
inline; filename="ThreatLocker-970x250.webp"
vary
Accept
last-modified
Wed, 18 Sep 2024 22:32:34 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5ce4fa4ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
27428
server
cloudflare
kiosk.jpg
www.bleepstatic.com/content/hl-images/2024/09/13/
60 KB
60 KB
Image
General
Full URL
https://www.bleepstatic.com/content/hl-images/2024/09/13/kiosk.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a32712d7d08adabdfa7e74620ee1c282371cdc869d6b430095c3cc2d1a705cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
429896
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eeJ9bxaxlBwQjSrQKuG%2B2LotEn2dyQblUWKt6pAsNa%2BvS1hzNqshFKdcRatPBDssfx0dg7R%2FEgn%2F7%2FCJ4gOC1lPw12fQtqAtEIdBABnra1JzT8dhejxUFeOo3FZBlxfMZncbYow%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 14 Oct 2024 14:10:42 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=109553
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
image/webp
content-disposition
inline; filename="kiosk.webp"
vary
Accept
last-modified
Fri, 13 Sep 2024 10:13:28 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5ce4fa6ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
61066
server
cloudflare
kiosk.png
www.bleepstatic.com/images/news/u/1220909/2024/Cybersecurity/12/
6 KB
6 KB
Image
General
Full URL
https://www.bleepstatic.com/images/news/u/1220909/2024/Cybersecurity/12/kiosk.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
121ed9cb0e25a4a58cf94170798eee2d8c7024f70081f87229d773966b21d09b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
429496
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zejkg5%2FWK2BuT7QPlmHMs%2FebmdbayN3N5m3wAH%2F8SQMkkD1Xomryn936fINbHdYBYitoSCh4mH6QTdC8Aj%2BJDen5wAqeRBLjhEh64xIHe%2Fo4dOuwkiICvtAEMRxfHd0Ay7W%2BtjU%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 14 Oct 2024 14:17:22 GMT
cf-polished
origFmt=png, origSize=14847
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
image/webp
content-disposition
inline; filename="kiosk.webp"
vary
Accept
last-modified
Fri, 13 Sep 2024 10:05:54 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5cf7952ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5972
server
cloudflare
ingore.png
www.bleepstatic.com/images/news/u/1220909/2024/Cybersecurity/12/
916 B
1 KB
Image
General
Full URL
https://www.bleepstatic.com/images/news/u/1220909/2024/Cybersecurity/12/ingore.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce808f14825f7c2005bdc28dbda17e858718ee452be18e8803336d62c728715

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
429496
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OuqIFH9qpV7Zf7o0jjYEKyw%2BxTkfZsiulhoJMkNknXpu%2BvXoS5kdZ%2BRWymdZ8%2FpfnP5XsNYFPzAYNr567NCuRQ%2B2f3BkK1UX5zoT5mixlQDIYMaiVFz7Q3qF9wdujBIXYzzLJOk%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 14 Oct 2024 14:17:23 GMT
cf-polished
origFmt=png, origSize=2396
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
image/webp
content-disposition
inline; filename="ingore.webp"
vary
Accept
last-modified
Fri, 13 Sep 2024 10:05:53 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5cf7954ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
916
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
151 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
f8ba64b9b411d1e0e77b5a6063b8ffbc809662d9afad5c709e48fa49dab13543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
10087121033263312067
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 13:35:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 19 Sep 2024 13:35:40 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52289
x-xss-protection
0
server
cafe
twitter.png
www.bleepstatic.com/images/site/login/
282 B
704 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/login/twitter.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
69259
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dXo1SZbmZmkeL8MIIZj3ZIv1gHFtuESeFniSpN5L7KRYW2JjHz%2FMCrbWgvz9K6pcQikjh%2F8WKJY9MsVXx1xlk4giKc8NVeT90bJB220qV%2F5p0bng46pzUG%2F9y7FiTI%2FdDu8i7IE%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 18 Oct 2024 18:21:20 GMT
cf-polished
origFmt=png, origSize=475
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
image/webp
content-disposition
inline; filename="twitter.webp"
vary
Accept
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5d08a48ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
282
server
cloudflare
bootstrap.js
www.bleepstatic.com/js/redesign/bootstrap/js/
50 KB
13 KB
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap/js/bootstrap.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"984724076"
age
1529
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uasU4gmUIAoqNSiXK8Q4r%2BQQGV%2FAajfUcIKERs%2FuC5GggSF3BgWLT8eAQy2D8ue%2Bgrg1oLTdgOOqKwhtD4rUBw9E8T%2FkFE9rJL0kFlMk6qnVTGOymfViFaNzC7%2FFJQ5BgxKQy4E%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 03 Jun 2024 14:52:19 GMT
cf-polished
origSize=75484
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
text/javascript
last-modified
Wed, 13 Feb 2019 14:22:49 GMT
vary
Accept-Encoding
cache-control
max-age=3024000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5d08a4aac78-YYZ
access-control-allow-origin
*
server
cloudflare
blazy.min.js
www.bleepstatic.com/js/blazy/
5 KB
2 KB
Script
General
Full URL
https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"753357888"
age
29
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=acVsDIMhf1kGiMIGnIH1%2FH9h3q%2B5Qv4HrccjTZAzwu48Db29CMXZ4RDae4alIO7k4uus1Jgn3dJx%2F2pS2ziRfRFtWhjBJ35PhIvv%2FljBVby492MT57jpMVUEGf7F4GQzrM2m1sA%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 03 Jun 2024 14:52:19 GMT
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 16 Aug 2018 21:06:19 GMT
cache-control
max-age=3024000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5cfd996ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2009
server
cloudflare
bleep.js
www.bleepstatic.com/js/redesign/
3 KB
1 KB
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/bleep.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"2665978998"
age
1791
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=igz1ybh70sTgQksI5RhyTX0kKQoOonLvmfWWbi199NLLCqXq7x9wzrNu5Tv6OpiRvUBAJdY7j8n0mVGlMBip3EEKp8ODh%2B0mJDXK1gK12ri9G6vcVPAxsfl%2BZvrg0JyTOV8VGiI%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 03 Apr 2024 19:14:36 GMT
cf-polished
origSize=3600
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
text/javascript
last-modified
Thu, 01 Feb 2024 03:51:53 GMT
vary
Accept-Encoding
cache-control
max-age=3024000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5d08a4bac78-YYZ
access-control-allow-origin
*
server
cloudflare
jquery.fancybox.js
www.bleepstatic.com/js/redesign/fancybox/
31 KB
10 KB
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"327140449"
age
4668
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cd5AOG1SakurSC88pMpd688ac20eCuVD%2BsqtaOWMApvSyC9lYF5hS1K2NZqFo69DVlsbLmf7nHkFBYnqZ9e7%2B2fgi%2FPFKxCq17%2FQdH2mCaNx1UR7YG%2FUfjyeOZcAQtV5QuYeh%2B4%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 03 Apr 2024 17:51:54 GMT
cf-polished
origSize=48706
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
text/javascript
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
vary
Accept-Encoding
cache-control
max-age=3024000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5d08a4cac78-YYZ
access-control-allow-origin
*
server
cloudflare
fixto.min.js
www.bleepstatic.com/js/fixto/
8 KB
3 KB
Script
General
Full URL
https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1740214911"
age
1519
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PCwGvT%2BNFZ4motvmvFzVngdrA98jF%2B7C3N3FjCzoqetGe%2BHdWT26rca%2FAgsvNHuKfXNvo4Vzm%2FKlNUzn0XfHxrD7bPNvpqg2W4F5ermBmRo7yUodaEiab48TeMrG5YG6Ub%2BhO5w%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 03 Apr 2024 17:52:15 GMT
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Sat, 13 Jun 2015 21:34:42 GMT
cache-control
max-age=3024000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5cfd998ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2686
server
cloudflare
si
capi.connatix.com/tr/
0
289 B
Image
General
Full URL
https://capi.connatix.com/tr/si?token=de820c7a-cd3f-49f4-9038-04e5790f8d5e&cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8c59f5d85ea5a21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 19 Sep 2024 13:35:40 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
fab.js
ecdn.analysis.fi/static/js/
4 KB
2 KB
Script
General
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-109.jfk52.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=3600, public
content-encoding
br
etag
W/"1090-61672d079f400"
age
3075
via
1.1 e3d2c542026df7b9357e3b591c889f64.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
p-3bfwPTwNcQJiyYA46hL4tthjYw5y0WGN6bmw4Yx90s7OZIDKqjdA==
date
Thu, 19 Sep 2024 12:44:25 GMT
content-type
application/javascript
last-modified
Fri, 19 Apr 2024 13:10:40 GMT
server
Apache/2.4.54 (Debian)
x-amz-cf-pop
JFK52-P3
vary
Accept-Encoding
fi_client.js
ecdn.firstimpression.io/
353 KB
93 KB
Script
General
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-120.ewr53.r.cloudfront.net
Software
Apache/2.4.54 (Debian) / PHP/8.2.0
Resource Hash
697e6246529c73e8852ecc7fec6d9dc69311b80645391837bf8e08a95a6338b7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Encoding
br
ETag
W/"7330d38ba833c139d8e9c86ed58d8885"
Age
290
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
-ptorL9wEFBZjPc-_uE1_3g4cVkLgWLB91vAbRXn9KeicQeaCQJeZA==
Date
Thu, 19 Sep 2024 13:30:50 GMT
Content-Type
application/javascript
Last-Modified
Thu,19 Sep 2024 13:30:50 UTC
Vary
Accept-Encoding
Transfer-Encoding
chunked
Cache-Control
max-age=3600
Connection
keep-alive
Via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-XSS-Protection
0
X-Amz-Cf-Pop
EWR53-P1
X-Powered-By
PHP/8.2.0
Server
Apache/2.4.54 (Debian)
connatix.player.js
cd.connatix.com/ Frame 3E34
2 KB
1 KB
Script
General
Full URL
https://cd.connatix.com/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d279454163e9335e938dc0b1c168e9963af2e5d40f3dd85fe2ff142061dadea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
cf-ray
8c59f5d85f0bab9a-YYZ
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:40 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://www.gstatic.com/prose/brandjs.js
14 KB
0
Script
General
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Server
142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
sffe /
Resource Hash
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
77722
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 16:00:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 16:00:19 GMT
last-modified
Tue, 06 Apr 2021 15:14:29 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
5807
x-xss-protection
0
server
sffe

Redirect headers

cache-control
public, max-age=1800
location
https://www.gstatic.com/prose/brandjs.js
age
1452
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 13:41:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
date
Thu, 19 Sep 2024 13:11:28 GMT
content-type
text/html; charset=UTF-8
server
sffe
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
login_bg.png
www.bleepstatic.com/images/site/
126 B
501 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/login_bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=09.15.24.12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=09.15.24.12

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
969
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eJGEPsdaFspb8HI4aCA7SmhQQSPmpEW8bLL6GDVGJshaoG3vn%2FLsQVMNNg23w9BJSdr5ms4JgB9VUBD3fISp48e0q9yp2newRfXHKTFypgXG3VrDO5%2BLfAz9hhLoJZ0mpi4DjKI%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 29 May 2024 14:52:19 GMT
cf-polished
origFmt=png, origSize=187
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
image/webp
content-disposition
inline; filename="login_bg.webp"
vary
Accept
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5d2ac90ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
126
server
cloudflare
nav_bg.png
www.bleepstatic.com/images/site/
72 B
487 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/nav_bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=09.15.24.12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=09.15.24.12

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
69552
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VOnV85FEIZC57EH8knthniYI5peKz1KydJyUMX3u%2BrcoBccdkUSht1qec51lcQG7%2FjwKdUWnR4HuPxq0lTPWICXSGf8zvHDM9U0t11PfnmL53cWp0jRepF5nXQfSoBYtNfvxalo%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 18 Oct 2024 18:16:27 GMT
cf-polished
origFmt=png, origSize=83
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
image/webp
content-disposition
inline; filename="nav_bg.webp"
vary
Accept
last-modified
Sat, 04 Mar 2017 07:57:02 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5d2ac92ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
72
server
cloudflare
20x20-printer.png
www.bleepstatic.com/images/site/
422 B
803 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=09.15.24.12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=09.15.24.12

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
60311
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qbNy9glhMeoKoj%2F9mRK1ZNAixeB0pfYShAzd%2Bny%2BPkf%2FaYFo6IJxx2ROnPiUhJ3PzwyuWVRUoMHpS3fJGguetSNzSE47BmQ85rahWcpFQWHcoaBjaYLueoVfdPJhklPxNaYn2uA%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 18 Oct 2024 20:50:27 GMT
cf-polished
origFmt=png, origSize=824
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
image/webp
content-disposition
inline; filename="20x20-printer.webp"
vary
Accept
last-modified
Sat, 03 Oct 2015 03:18:32 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5d2ac94ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
422
server
cloudflare
calendar.png
www.bleepstatic.com/images/site/
86 B
469 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/calendar.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bleepstatic.com/css/redesign/news.css

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
59478
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IlOe1%2BvfwrQ8Hgzwc9FYXSCQFjfBiTSCAgCP6JJkvTnbD%2FRIMFyrqk9xFBXYyuE%2F7LZ40WGy7RnMn7CVKYStXCfm1EeuZLZajfvzrDdV7%2FuIlMeQOrHZWbLeFg8zAUUhDJ%2BdNNg%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 18 Oct 2024 21:04:21 GMT
cf-polished
origFmt=png, origSize=129
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
image/webp
content-disposition
inline; filename="calendar.webp"
vary
Accept
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5d2ac95ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
86
server
cloudflare
clock.png
www.bleepstatic.com/images/site/
252 B
631 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/clock.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bleepstatic.com/css/redesign/news.css

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
1529
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JZzxT%2BEgF6%2BTEJKjsiTMqPEnGU2tezQZVtSAmHSW6ilHz8Z0HywgNTarA%2FCU14Sip8%2FEvd%2Fw3ERuPg7WsGCMruWerXUNrdI3Q3lcOxt3oVsv8YWtqBfIT3%2B0mj7Z9psNtFhyYMU%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 07 Sep 2024 08:03:20 GMT
cf-polished
origFmt=png, origSize=1316
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
image/webp
content-disposition
inline; filename="clock.webp"
vary
Accept
last-modified
Fri, 29 May 2015 07:08:14 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5d2ac96ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
252
server
cloudflare
comment-light.png
www.bleepstatic.com/images/site/
94 B
471 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/comment-light.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac05f501d6d4d62e29fff1049569c3c2aa8732af8db3a36e8fa252f05f5861

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bleepstatic.com/css/redesign/news.css

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
69327
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3tomOd2o3d8VumWdipVTe4S0kiY95FLqpsNtogU%2FWNBWtPkSZymbUWl701o7lXvA9My6QxRmqQo2Y80sgOLPUNT4gMKWc%2FXuPvosYk3Yw0flNpztTu95EqhAficw9FR28dYys6E%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 18 Oct 2024 18:20:12 GMT
cf-polished
origFmt=png, origSize=1034
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
image/webp
content-disposition
inline; filename="comment-light.webp"
vary
Accept
last-modified
Fri, 29 May 2015 07:08:28 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5d2ac98ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
94
server
cloudflare
32x32-printer.png
www.bleepstatic.com/images/site/
256 B
637 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=09.15.24.12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=09.15.24.12

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
59317
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B1t5V83qOVsi%2BA9OG2RSqugaAABIZAWQGGEkt2QvaNy99jGVlKWet5vFa6GZ7t8Zedvl3ScEFJ4lJarbUH5gsXC9oL3mOLq3DKj7WFUqqD4ReXEkv7ieBN1JTjhwfPuZaalLi%2Bo%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 18 Oct 2024 21:07:02 GMT
cf-polished
origFmt=png, origSize=618
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
image/webp
content-disposition
inline; filename="32x32-printer.webp"
vary
Accept
last-modified
Fri, 02 Oct 2015 21:57:19 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5d2ac99ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
256
server
cloudflare
42758747b8592c683aa2b2162019ddfa.jpg
www.bleepstatic.com/author/photos/
7 KB
8 KB
Image
General
Full URL
https://www.bleepstatic.com/author/photos/42758747b8592c683aa2b2162019ddfa.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f256b59004beadefbac9168d0380485ac8ed71a2546f2bd3d55e8702eee4d9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bleepingcomputer.com/

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
46644
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HyRfWisDMLYmZxJjAk3wxq7oneCxW791HQ4yQXMrg4a7CyPiJxYnbHDnaFhRS1cSnBkR%2Bksh5%2BqYJkZ9J84v%2FzZr5wuWbWoPEXhMcVkUZFxa5cTY1d%2FWT8uRaSSraDodKeEJmyk%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 19 Oct 2024 00:38:15 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=12322
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
image/webp
content-disposition
inline; filename="42758747b8592c683aa2b2162019ddfa.webp"
vary
Accept
last-modified
Tue, 28 Sep 2021 21:25:46 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5d2ac9aac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
7248
server
cloudflare
h4-bg.png
www.bleepstatic.com/images/site/
38 B
435 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/h4-bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=09.15.24.12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=09.15.24.12

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
46951
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pcM4pvRR5d2BbD1sug7hpN8oHtbi6B4zcID1dLzSVfmAVjywGbJRwG9uXRSgfbFGUu9lMaUGVUwnkdgmoNLL6X9tr55T9BbZVRqcwlG4T%2FylGdJiiDuNzfY40B7gIDfJG6PsXY0%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 19 Oct 2024 00:33:08 GMT
cf-polished
origFmt=png, origSize=72
date
Thu, 19 Sep 2024 13:35:39 GMT
content-type
image/webp
content-disposition
inline; filename="h4-bg.webp"
vary
Accept
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5d2ac9cac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
38
server
cloudflare
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.bleepingcomputer.com
Referer
https://fonts.googleapis.com/

Response headers

age
71927
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 17:36:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 17:36:54 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.bleepingcomputer.com
Referer
https://fonts.googleapis.com/

Response headers

age
70854
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 17:54:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 17:54:47 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f3.1e100.net
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.bleepingcomputer.com
Referer
https://fonts.googleapis.com/

Response headers

age
69103
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 18:23:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 18:23:58 GMT
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18492
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.bleepingcomputer.com
Referer
https://fonts.googleapis.com/

Response headers

age
76826
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 16:15:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 16:15:15 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
configs
d.pub.network/v2/sites/bleepingcomputer-com/
86 KB
8 KB
Other
General
Full URL
https://d.pub.network/v2/sites/bleepingcomputer-com/configs?env=PROD
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
341e6f392b2615b8ead19ecfbd20e0baaf44f55e8f3f0e240a79500f144800c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.bleepingcomputer.com
Referer

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 13:35:41 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
292x176_data-leak.jpg
www.bleepstatic.com/content/hl-images/2024/08/16/thumb/
7 KB
7 KB
Image
General
Full URL
https://www.bleepstatic.com/content/hl-images/2024/08/16/thumb/292x176_data-leak.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d64a72fcd3fd5f78053efd2f53d052149945d775cf5933b8cfaadf71afbb7c60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
171982
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=laycBQszdpVzc6LFkUqnhzZk6PycpX%2FeEi%2Fafl8EG%2BMANz%2FywwtsSeMXnIkx1L8Rf5GasoLTQ%2BCs8pKbsS0QNOOTb4a8OXBwLkpKxpig0ey7dO%2FWgW4OL9YpfLzWcea6iD7Yo4w%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 17 Oct 2024 13:49:18 GMT
cf-polished
degrade=85, origSize=25754, status=webp_bigger
date
Thu, 19 Sep 2024 13:35:41 GMT
content-type
image/jpeg
last-modified
Fri, 16 Aug 2024 17:04:17 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5d99b69ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
6880
server
cloudflare
favicon.ico
ad.doubleclick.net/
1 KB
130 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.230 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
76836
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 16:15:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 16:15:05 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
achoice.svg
widgets.outbrain.com/images/widgetIcons/
990 B
1 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.85.204 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-85-204.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=2592000
timing-allow-origin
*, *
etag
"5ab8e16b5f46213840bcd403e349419c:1708851030.144644"
access-control-request-headers
X-OB-STG,X-OB-PRD
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
expires
Sat, 19 Oct 2024 13:35:41 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
990
date
Thu, 19 Sep 2024 13:35:41 GMT
content-type
image/svg+xml
last-modified
Sun, 25 Feb 2024 08:33:18 GMT
server
AkamaiNetStorage
elLoader.js
cds.connatix.com/p/529897/ Frame 3E34
4 KB
2 KB
Script
General
Full URL
https://cds.connatix.com/p/529897/elLoader.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c68e0d0d4046228c3d8c161cc837a4c289b555ff8a07b58132622c86998c4e00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"70914be879b6ef2cdb9f3433c10d5528"
x-amz-version-id
0xZDg4vh6ay_RtMFrs9iAUx7xN6NyY_8
access-control-allow-methods
*
expires
Fri, 19 Sep 2025 13:35:41 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:41 GMT
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 08:14:58 GMT
x-amz-expiration
expiry-date="Tue, 08 Apr 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
access-control-allow-headers
range
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8c59f5d9c877ab9a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1274
server
cloudflare
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/
415 KB
140 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
8e0ee6b5126b27685602d7c028a175a86ddc6f51ce2c17cf99fa067ef8e59d2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
14361930948663601922
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 13:35:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 19 Sep 2024 13:35:41 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
142832
x-xss-protection
0
server
cafe
jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"9108074"
age
6418
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1W8SjA0HLw20EppD6p4tKL83HNLXw1LYPL21LWMxOQ4VVXmSoJ5P%2FLURCivGD54O%2BjSG9fyG6jcUjOA5EFV%2BweIqlvSwZbES45qey2yA5m%2F16RYnO1Fhldt8rtchmJjwzwQZcyA%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 03 Jun 2024 14:55:03 GMT
cf-polished
origSize=4895
date
Thu, 19 Sep 2024 13:35:41 GMT
content-type
text/css
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
vary
Accept-Encoding
cache-control
max-age=3024000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5dc7e84ac78-YYZ
access-control-allow-origin
*
server
cloudflare
fontawesome.min.css
www.bleepstatic.com/redesign/fontawesome6/css/
79 KB
17 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/css/fontawesome.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863ab50a39fc203ca8f614cef14c6cc700ee64bfeacd41426dce9ef8cbd98509

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"2038534161"
age
3573
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vqznPXVoi%2FAQ9f7Z3eNgg6g1eDtlX8BCNdvTNQX5OwZjWenk%2BfaTvsbR4lCg2MfvtKkaCYQnAnh8yBufbpWKGxs8CEHWxW8FLDEiWpbqZfRrfSxj45TdMMyr%2BsqLkVnH%2FSbU8N8%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 03 Apr 2024 19:14:36 GMT
date
Thu, 19 Sep 2024 13:35:41 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Mon, 14 Nov 2022 22:35:03 GMT
cache-control
max-age=3024000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5dc7e87ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
17356
server
cloudflare
brands.min.css
www.bleepstatic.com/redesign/fontawesome6/css/
18 KB
5 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e925f6192a3f7907621f9dde8afc47752d671d4a796f2cd5a53cfbc07c214b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"2013745295"
age
971
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8qDl3%2FR7e3BCOmFJ5pEhLsRZU3FomiloS%2F6mHxwOYRr%2BKFsvIUlQsGNFehwnrByQMpt4VPe8QbJBuOIQxkWG1YRt2id54fCSpAHZSxqipRaDCwzM4OlPUI5CaPresV3RjgZSIAE%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 03 Jun 2024 14:51:55 GMT
date
Thu, 19 Sep 2024 13:35:41 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Mon, 14 Nov 2022 22:34:45 GMT
cache-control
max-age=3024000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5dc7e89ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
4725
server
cloudflare
solid.min.css
www.bleepstatic.com/redesign/fontawesome6/css/
572 B
663 B
Stylesheet
General
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a5d218c8e40dc33b9a0c27b49c2a5d0c9696ea53ee6371882d348a31116ae9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"508050520"
age
971
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ZcMAc3%2F1xCQn7zJBGoVFk%2F1vjt6LoF8yRFAzsj84RCKNlLTpfV1pcB9cxnv6EqX1GyEiZmwhjZDoWPXYbnQbDWS3iBqDXfl4grJpD7tGcIZDAX14Zo%2BlUZCHtX4%2BmNuTxIMarY%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 24 Apr 2024 06:24:07 GMT
date
Thu, 19 Sep 2024 13:35:41 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Mon, 14 Nov 2022 22:34:55 GMT
cache-control
max-age=3024000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c59f5dc7e8bac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
325
server
cloudflare
fa-solid-900.woff2
www.bleepstatic.com/redesign/fontawesome6/webfonts/
147 KB
148 KB
Font
General
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/webfonts/fa-solid-900.woff2
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.bleepingcomputer.com
Referer
https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
4716
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0NE4oZJ1sDqVKt3nJ92ukDm4R3VDPfvFrd5%2FjregGgD5jbOSjXjZmRIKAEZYOhX%2FaOuHSgg6TFpGXkX%2Bh%2BFCXWYle2xJAmicsDdW8KL3n7XREJ%2FHdSpD5PNKMOkAD5%2BfViwtWE0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c59f5e01a3cabbb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
150472
date
Thu, 19 Sep 2024 13:35:42 GMT
content-type
application/octet-stream
last-modified
Mon, 14 Nov 2022 22:33:11 GMT
vary
Accept-Encoding
server
cloudflare
spc_fi.php
cdn.firstimpression.io/delivery/
39 KB
8 KB
XHR
General
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=5971&url=%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&charset=UTF-8&ch=6&ref=www.bleepingcomputer.com&viewerId=null&referer=&_firid=54750835
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-119.ewr53.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
8c6461f74d9b94f86a3fb0850ec1d92dcf17d570843e5635288481b765786048

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer

Response headers

Content-Encoding
gzip
Expires
0
X-Cache
Miss from cloudfront
P3P
CP="CUR ADM OUR NOR STA NID"
X-Amz-Cf-Id
oXiM7NkGT9BqRlXiX_10EQdcOtNesTmon7VN9nVLlbLWnUCxXMI4WQ==
Date
Thu, 19 Sep 2024 13:35:43 GMT
Content-Type
application/json; charset=UTF-8
Vary
Accept-Encoding
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Via
1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Content-Length
7807
X-Amz-Cf-Pop
EWR53-P1
Server
Apache/2.4.38 (Debian)
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GD465VRQLD&gtm=45je49h0v878037826za200&_p=1726752939505&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1870454902.1726752942&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726752942&sct=1&seg=0&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&dt=Malware%20locks%20browser%20in%20kiosk%20mode%20to%20steal%20Google%20credentials&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GD465VRQLD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 19 Sep 2024 13:35:43 GMT
content-type
text/plain
server
Golfe2
fa-brands-400.woff2
www.bleepstatic.com/redesign/fontawesome6/webfonts/
105 KB
105 KB
Font
General
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/webfonts/fa-brands-400.woff2
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.bleepingcomputer.com
Referer
https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
4716
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vv%2F%2BK92sq%2BOwAear725YDwnlv1ueZ%2BLChhCTTsIhMUV1br8%2BgRiwLA2Rd%2F9Hvz54xMMK6I9H48bbHtgNRfxN4t0%2FqcmdDrZSN48c53IpE7KVZQLg7ocWLmogji0CN%2FKqx5PX3w%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c59f5e1fbfaabbb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
107460
date
Thu, 19 Sep 2024 13:35:42 GMT
content-type
application/octet-stream
last-modified
Mon, 14 Nov 2022 22:32:23 GMT
vary
Accept-Encoding
server
cloudflare
connatix.player.js
cds.connatix.com/p/529897/ Frame 3E34
456 KB
107 KB
Script
General
Full URL
https://cds.connatix.com/p/529897/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/elLoader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7105f483747f63150937eba447c9a0e87f5bcf1e9f6724526f7951aa60af4290

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"545e658c8a34d995c5c6c7a663f4a2e7"
x-amz-version-id
VvVqJytrL3mU3qL96rgSlGX9gnzjgqDs
access-control-allow-methods
*
expires
Fri, 19 Sep 2025 13:35:42 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:42 GMT
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 08:14:58 GMT
x-amz-expiration
expiry-date="Tue, 08 Apr 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
access-control-allow-headers
range
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8c59f5e1ffa9ab9a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
108666
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/
106 KB
32 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
8cba9c0bad6ab9ae56a8adf99dc81e16d1d658d8e49c999640f347aa6cbbb339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
549 / 19985 / m202409160104 / config-hash: 3692081673757629763
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 13:35:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 19 Sep 2024 13:35:43 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
32738
x-xss-protection
0
server
cafe
prebid-analytics-8.49.81.js
a.pub.network/core/
593 KB
197 KB
Script
General
Full URL
https://a.pub.network/core/prebid-analytics-8.49.81.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fe3fa9b6d5ba52dff72560f9ba9b7fde8bf8a1b1a9e3f0aaabccc1bd6ce07ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
access-control-expose-headers
*
x-goog-hash
crc32c=kPT46g==, md5=9cepNFgn1nX+jDkUyROAvw==
cf-cache-status
HIT
etag
W/"f5c7a9345827d675fe8c3914c91380bf"
age
65161
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Fri, 20 Sep 2024 13:35:42 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
606896
date
Thu, 19 Sep 2024 13:35:42 GMT
content-type
text/javascript
last-modified
Tue, 10 Sep 2024 12:12:54 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8lju1Q8woMnY3co7iQiyQif6za1lDc8nkqUboWbi6S3H2dXU4uJ3z40t7m1xOhB5HoYFfutU
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8c59f5e22c4436c4-YYZ
access-control-allow-origin
*
x-goog-generation
1725970374602566
server
cloudflare
pubfig.engine.js
a.pub.network/core/pubfig/5.111.0/
426 KB
121 KB
Script
General
Full URL
https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d414c52b82ece25589771f72028163e28027d693ac1e75e2b0c5feb2ba2e893
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
access-control-expose-headers
*
x-goog-hash
crc32c=wDy7tg==, md5=Ms3QurXllUEvAW+GmDcnjw==
cf-cache-status
HIT
etag
W/"32cdd0bab5e595412f016f869837278f"
age
65153
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Thu, 19 Sep 2024 14:35:42 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
436593
date
Thu, 19 Sep 2024 13:35:42 GMT
content-type
application/javascript
last-modified
Mon, 16 Sep 2024 13:12:48 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljuP7iwO0ihWp1Tw84YxiHJidDs-vi6FIQGyKm-3hFNxo65b-NASh2Jld-qXklSolrvMHlI
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8c59f5e24c6b36c4-YYZ
access-control-allow-origin
*
x-goog-generation
1726492368365191
server
cloudflare
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240916/r20110914/ Frame 8684
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240916/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
443
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4126
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Sep 2024 13:28:20 GMT
etag
14908419571193397619
expires
Thu, 03 Oct 2024 13:28:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 19 Sep 2024 13:35:42 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
googleads.g.doubleclick.net/pagead/ Frame 97AF
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1726267479&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiepr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726752941151&bpp=6&bdt=2752&idt=1403&shv=r20240916&mjsv=m202409120101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1586041321925&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31087218%2C95342765%2C95342338&oid=2&pvsid=2992154380907323&tmod=2139344520&uas=0&nvt=1&fsapi=1&fc=896&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=1619
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
66
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Sep 2024 13:35:43 GMT
expires
Thu, 19 Sep 2024 13:35:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
tag.escalated.io/
62 KB
26 KB
Script
General
Full URL
https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.bleepingcomputer.com&type=display&cust=5971&sid=direct&c=&cust2=direct
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.131.10.225 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-131-10-225.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a03fdbfe8dbcbbd024b57f3764d78b07bc70960c6396b499820d887eff0a7fb4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"66c752ad-f905"
Connection
keep-alive
Date
Thu, 19 Sep 2024 13:35:43 GMT
Content-Type
application/javascript
Last-Modified
Thu, 22 Aug 2024 15:01:01 GMT
Server
nginx
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/
479 KB
149 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
77879f54400e07c9d73fefd1e1e06fd736e7dbeffea7669790620753125671ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
10756395476737303338
age
429
x-content-type-options
nosniff
expires
Fri, 19 Sep 2025 13:28:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 19 Sep 2024 13:28:34 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
152737
x-xss-protection
0
server
cafe
ppub_config
securepubads.g.doubleclick.net/pagead/
1 KB
926 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bleepingcomputer.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
27fef41607c030eacd65dbe7c28aedcc901aeb9d08c25207fd66ac5be0288882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 19 Sep 2024 13:35:44 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
381
date
Thu, 19 Sep 2024 13:35:44 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
player.user.manager.service.js
cds.connatix.com/p/529897/ Frame 3E34
57 KB
16 KB
Script
General
Full URL
https://cds.connatix.com/p/529897/player.user.manager.service.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a1a3bc747f7bb1a52106937267d02198d2bdccc668a67853764f7241ad4808

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"1ca4c520ea61e986ad3eb913edfa2105"
x-amz-version-id
sSBlqo_pl8VNWcPg1pdv.UkvbrPKOijx
access-control-allow-methods
*
expires
Fri, 19 Sep 2025 13:35:43 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:43 GMT
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 08:14:58 GMT
x-amz-expiration
expiry-date="Tue, 08 Apr 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
access-control-allow-headers
range
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8c59f5eb1fe2ab9a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
15496
server
cloudflare
player.renderer.js
cds.connatix.com/p/529897/ Frame 3E34
194 KB
45 KB
Script
General
Full URL
https://cds.connatix.com/p/529897/player.renderer.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa41feda3b4e9bf1010184194f6efce135a41003d0121cbb67c01ab4e2601ff6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"9d2dfe0ac2f189bf35bbfca5bdb601b6"
x-amz-version-id
3nWxxjOb8_GkqeaSFE62nFYl3VFPTZCe
access-control-allow-methods
*
expires
Fri, 19 Sep 2025 13:35:43 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:43 GMT
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 08:14:58 GMT
x-amz-expiration
expiry-date="Tue, 08 Apr 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
access-control-allow-headers
range
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8c59f5eb1fe5ab9a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
45687
server
cloudflare
cSyncRemoteEntry.js
cds.connatix.com/p/529897/ Frame 3E34
3 KB
2 KB
Script
General
Full URL
https://cds.connatix.com/p/529897/cSyncRemoteEntry.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eb6e81bf3a8a50152b753f818a4567ad8efb3aaf7e993f9fef8fc27803510a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"12cf9a878331d0c82281750047fb8284"
x-amz-version-id
3fHcwAE9GSd11V1W3cyUmzfCuGMUeG0m
access-control-allow-methods
*
expires
Fri, 19 Sep 2025 13:35:43 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:43 GMT
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 08:14:57 GMT
x-amz-expiration
expiry-date="Tue, 08 Apr 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
access-control-allow-headers
range
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8c59f5eb1feaab9a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1395
server
cloudflare
player.style.1437465e05a3752bfca8.css
cds.connatix.com/a/
67 KB
9 KB
Stylesheet
General
Full URL
https://cds.connatix.com/a/player.style.1437465e05a3752bfca8.css
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81dbe7f87a0b8060dc32882642f85aec878821d8f148f4d4ebe602e7438ef4d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"97dca2b9b2249d84b154ab6e042e70e4"
x-amz-version-id
NKl.o.sA.DvHy6lae45Inm03f8rnLO3j
access-control-allow-methods
*
expires
Fri, 19 Sep 2025 13:35:43 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:43 GMT
content-type
text/css
last-modified
Wed, 18 Sep 2024 11:16:17 GMT
vary
Accept-Encoding
access-control-allow-headers
range
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8c59f5eb1febab9a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
9346
server
cloudflare
player.hls.608c5839285a15038640.js
cds.connatix.com/a/
290 KB
75 KB
Script
General
Full URL
https://cds.connatix.com/a/player.hls.608c5839285a15038640.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01edf57373c19ed033b0737420a8ef2409aa35a7b5b0f44e955a1e11c7907e6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"56057def5be330e63a9ae8e6b2f04ebe"
x-amz-version-id
wVW_LiQiS5sM_KFJ6qlJIlVRJiH78U8q
access-control-allow-methods
*
expires
Fri, 19 Sep 2025 13:35:43 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:43 GMT
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 08:14:59 GMT
vary
Accept-Encoding
access-control-allow-headers
range
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8c59f5eb1fecab9a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
76690
server
cloudflare
player.ads.js
cds.connatix.com/p/529897/ Frame 3E34
406 KB
91 KB
Script
General
Full URL
https://cds.connatix.com/p/529897/player.ads.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d6f9b18eab6720a2cd2440fbef594969273df0628650f5ed3b9b18690ec5184

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"8689abaffde4a3ac85ee2c0c281c508b"
x-amz-version-id
z.EqgJ32KYsnYRLXBTpe8TU4nlnHQBh0
access-control-allow-methods
*
expires
Fri, 19 Sep 2025 13:35:43 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:43 GMT
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 08:14:58 GMT
x-amz-expiration
expiry-date="Tue, 08 Apr 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
access-control-allow-headers
range
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8c59f5eb1feeab9a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
92955
server
cloudflare
/
optimise.net/
7 KB
7 KB
Fetch
General
Full URL
https://optimise.net/?k=0&d=bleepingcomputer.com&t=desktop&c=CA&r=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
db47f42ded2fe4cff968c9923000cde18dec257d90a3ac4adc6b9edcaed14e3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
x-lm
0

Response headers

access-control-max-age
3600
access-control-expose-headers
fs-client-rtt,fs-country
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
expires
0
fs-client-rtt
19
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 13:35:44 GMT
content-type
application/json
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.bleepingcomputer.com
fs-country
CA
/
optimise.net/ Frame
0
0
Preflight
General
Full URL
https://optimise.net/?k=0&d=bleepingcomputer.com&t=desktop&c=CA&r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key,x-lm
Access-Control-Request-Method
GET
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
fs-client-rtt,fs-country
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 19 Sep 2024 13:35:44 GMT
expires
0
fs-client-rtt
19
fs-country
CA
pragma
no-cache
strict-transport-security
max-age=31536000
via
1.1 google
mny
capi.connatix.com/core/ Frame 3E34
33 KB
15 KB
XHR
General
Full URL
https://capi.connatix.com/core/mny?v=529897&cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
240a37b73aca09b1e2bfe1ebbf4902253f88dc8a15fd08441f69681b12516133

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
multipart/form-data
Referer

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8c59f5ed5feea21c-YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=86400
content-length
14569
date
Thu, 19 Sep 2024 13:35:44 GMT
content-type
application/x-protobuf
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
295.js
cds.connatix.com/p/529897/ Frame 3E34
68 KB
18 KB
Script
General
Full URL
https://cds.connatix.com/p/529897/295.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/cSyncRemoteEntry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05256c56af95cb837667423c41546cb335d4c08c1f9710242030ccc3d5a20bb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"8c457b3683038f8898f429fac2e2941c"
x-amz-version-id
eEx_pCd08iyHhFMrGroxqYNU6fO0nKpE
access-control-allow-methods
*
expires
Fri, 19 Sep 2025 13:35:44 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:44 GMT
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 08:14:57 GMT
x-amz-expiration
expiry-date="Tue, 08 Apr 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
access-control-allow-headers
range
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8c59f5ed8a1aab9a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
18039
server
cloudflare
589.js
cds.connatix.com/p/529897/ Frame 3E34
10 KB
4 KB
Script
General
Full URL
https://cds.connatix.com/p/529897/589.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/cSyncRemoteEntry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33ba7c2cea36307f37734f947f5f6d99f1d31baa5c75bc27b9e84a25e0e1df22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"8075e3f64e0ea8e91ac3a7c35d4ef4ad"
x-amz-version-id
2rJqaNWNVqKKiu4quD0HU.IMyehUX2s_
access-control-allow-methods
*
expires
Fri, 19 Sep 2025 13:35:44 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:44 GMT
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 08:14:57 GMT
x-amz-expiration
expiry-date="Tue, 08 Apr 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
access-control-allow-headers
range
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8c59f5ed8a1cab9a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
3291
server
cloudflare
402.js
cds.connatix.com/p/529897/ Frame 3E34
3 KB
2 KB
Script
General
Full URL
https://cds.connatix.com/p/529897/402.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/cSyncRemoteEntry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa893c86f2012f6b8743199994a4b733b32070b86df6bfe437e3feb2adb23303

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"6697ed05357fe938e50b87136896344e"
x-amz-version-id
R.WV7aGH04J6I57dFBt7AyKaeGlnlOIz
access-control-allow-methods
*
expires
Fri, 19 Sep 2025 13:35:44 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:44 GMT
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 08:14:57 GMT
x-amz-expiration
expiry-date="Tue, 08 Apr 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
access-control-allow-headers
range
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8c59f5ed8a1eab9a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1116
server
cloudflare
/
capi.connatix.com/metrics/ Frame 3E34
0
376 B
XHR
General
Full URL
https://capi.connatix.com/metrics/?v=529897&tier=2
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
multipart/form-data
Referer

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8c59f5ef5b07abf7-YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=86400
content-length
20
date
Thu, 19 Sep 2024 13:35:44 GMT
content-type
application/x-protobuf
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
c
c.pub.network/v2/ Frame
0
0
Preflight
General
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 19 Sep 2024 13:35:44 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
674e0580ec30c0c08da895d8e7a84f103b99d51091b012e9839c2e5db29b005c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 19 Sep 2024 13:35:44 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
sync
capi.connatix.com/core/ Frame 3E34
Redirect Chain
  • https://capi.connatix.com/core/sync
  • https://capi.connatix.com/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0
6 KB
3 KB
XHR
General
Full URL
https://capi.connatix.com/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39a9cec6624a83288728425ca1481245a108d71c30163a8c16f08bf87d06005a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8c59f5f8f94ca21c-YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=86400
content-length
2580
date
Thu, 19 Sep 2024 13:35:46 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model

Redirect headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
location
https://capi.connatix.com:443/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8c59f5f10b10a21c-YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:44 GMT
content-type
application/x-protobuf
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
pls
capi.connatix.com/core/ Frame 3E34
1 KB
2 KB
XHR
General
Full URL
https://capi.connatix.com/core/pls?v=529897&cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
596e05d795ac197c7c3b6512fa2d32ff1d95c765efa6c8c4e4864f8f0298126e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
multipart/form-data
Referer

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8c59f5f10b14a21c-YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=86400
content-length
1248
date
Thu, 19 Sep 2024 13:35:44 GMT
content-type
application/x-protobuf
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 19 Sep 2024 13:35:45 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
220843
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 19 Sep 2024 13:35:45 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
193312
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/
96 KB
21 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcca58e2a08d18c93cc090844885c2187edeea3674a5ebd45720374e65c295af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"495e6a679b34a0779f0daee6583968a7"
age
221
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:44 GMT
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 12:42:02 GMT
vary
Accept-Encoding
x-amz-id-2
+y4FjhPJ/Mttif/pBwKhYS87OP5lLqHJ3llqY6YbOvrDq3/pwOal2zUo3LIBHAfH/9A0mqRVt6A=
cache-control
public, max-age=900, stale-while-revalidate=3600
x-amz-request-id
REAQ8TYD20TG5237
cf-ray
8c59f5f1eb5b5401-YYZ
accept-ranges
bytes
content-length
21421
server
cloudflare
x-amz-server-side-encryption
AES256
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
57 KB
19 KB
Script
General
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Server
172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f42a674b938beee58f1bdde8256a3e75c46999fc0adf2826288323edcff440f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"f1f304d1058f75ea7cf741368762a9b9"
age
330
via
1.1 google
cf-ray
8c59f6054ed154d3-YYZ
accept-ranges
bytes
content-length
19474
date
Thu, 19 Sep 2024 13:35:48 GMT
content-type
application/javascript
last-modified
Thu, 19 Sep 2024 13:26:34 GMT
vary
Origin, Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=3600
location
https://btloader.com/tag?h=freestar-io&upapi=true
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AFLliAXHqyBBHNMw%2BvZy%2Fp0o4QezANxqlQuhpRh4QuWkY0YKQeeCs33RAFBDh7scfNRJCOM3xkPH38McMbYkfjvIUBFpoKRdqnrdHou4deZPhas7iTs%2BRUXBOomZKobYxDGMllCtQiPsIgASEBHyuA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c59f5f24b6cab42-YYZ
expires
Thu, 19 Sep 2024 14:35:45 GMT
content-length
167
date
Thu, 19 Sep 2024 13:35:45 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
apstag.js
c.amazon-adsystem.com/aax2/
324 KB
80 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fdb7c12792ebd6e785128456249178e9b508c9677a300df8fbc6e7520147baa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"907cbdd883935369790d45cc9bd9e8b7"
age
2777
via
1.1 22e9d361a9c4153886c1c8aa0eb4ffa8.cloudfront.net (CloudFront), 1.1 ed8dbde89917eaa6ca93ba7fad809c48.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
M8IstKEPGMtjAG4HA58a-mKbHFNcO3XR6B5pmwg76a-cN7eHA3XJwA==
date
Thu, 19 Sep 2024 12:49:29 GMT
content-type
application/javascript
last-modified
Wed, 28 Aug 2024 22:46:37 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
x-amz-server-side-encryption
AES256
hadron.js
cdn.hadronid.net/
56 KB
12 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=432000
content-encoding
br
cf-bgj
minify
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
age
107
cf-cache-status
HIT
x-amz-request-id
4GNTEWM5RE8S976C
expires
Tue, 24 Sep 2024 13:35:45 GMT
cf-ray
8c59f5f439c239e4-YYZ
date
Thu, 19 Sep 2024 13:35:45 GMT
content-type
application/javascript
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE=
4d97a662ad
pb-rtd.ccgateway.net/v1.0/realtime/
0
0

edgekit.min.js
cdn.edkt.io/PV483g/
21 KB
7 KB
Script
General
Full URL
https://cdn.edkt.io/PV483g/edgekit.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9b6a8166404c55bd5b9148597b0492dc78a7eb7fe6d8ca6050ebb655656e1f4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=Nev1nw==, md5=nyXRH79gkPNZYWtFib0k0A==
etag
"9f25d11fbf6090f359616b4589bd24d0"
age
15795
x-goog-stored-content-encoding
gzip
expires
Fri, 20 Sep 2024 09:12:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
6718
date
Thu, 19 Sep 2024 09:12:30 GMT
last-modified
Wed, 18 Sep 2024 09:39:37 GMT
content-type
text/javascript
x-guploader-uploadid
AD-8ljusAHrX3G0J0V0RF3mRBkIFroCg2n6Avb9Kjmeutg0GxpxGbahQSQP36DF679hifLFLA1E
cache-control
public, max-age=86400,no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1726652377074854
content-length
6718
server
UploadServer
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.8&coppa=0
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.8&coppa=0&b=1&tp=ohqGK%2FjR%2BpbTvHaSzLLbzuGo00wRZuFk8hlfLOYMQI0%3D
42 B
58 B
Fetch
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.8&coppa=0&b=1&tp=ohqGK%2FjR%2BpbTvHaSzLLbzuGo00wRZuFk8hlfLOYMQI0%3D
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H3
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Thu, 19 Sep 2024 13:35:46 GMT
content-type
application/json
vary
origin

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
location
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.8&coppa=0&b=1&tp=ohqGK%2FjR%2BpbTvHaSzLLbzuGo00wRZuFk8hlfLOYMQI0%3D
access-control-allow-credentials
true
referrer-policy
unsafe-url
via
1.1 google
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 19 Sep 2024 13:35:45 GMT
vary
origin
fed
ups.analytics.yahoo.com/ups/58657/
391 B
933 B
Fetch
General
Full URL
https://ups.analytics.yahoo.com/ups/58657/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/&pixelId=58657
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.147.92.12 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
e2.ycpi.vip.dca.yahoo.com
Software
ATS /
Resource Hash
f33f18c1cc424c1246d4bc672be234aa2e671e772b4c8d8edfc8db45fe9b3560
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
access-control-allow-origin
https://www.bleepingcomputer.com
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Thu, 19 Sep 2024 13:35:45 GMT
x-xss-protection
1; mode=block
content-type
application/json
vary
Origin
server
ATS
json
gum.criteo.com/sid/
392 B
694 B
Fetch
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5486f42f6d7f1fb3adbf924bbec4d772a8adc5d2e4b0cff68f5c076eb9e76f49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
396384
expires
0
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:45 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
pbhid
id.hadron.ad.gt/api/v1/
227 B
326 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=www.bleepingcomputer.com
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21d40d06dd91e757348c94fbd108af537e80b902b5878421ff4445440fdf998

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

content-encoding
br
allow
POST, OPTIONS, GET
cf-ray
8c59f6013b40aafd-YYZ
access-control-allow-origin
*
date
Thu, 19 Sep 2024 13:35:47 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/
194 B
673 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
69ddbfe0111131323a6c637b0fcf18449cd7f4bab70211c0b2c9bb51232bdb9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.bleepingcomputer.com
p3p
CP="CAO PSA OUR"
date
Thu, 19 Sep 2024 13:35:44 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/
0
0

any
idx.liadm.com/idex/did-0047/
126 B
548 B
Fetch
General
Full URL
https://idx.liadm.com/idex/did-0047/any?duid=83077f409aa5--01j857xwvpfdt0vces3nt7r7w2&did=did-0047&cd=.bleepingcomputer.com&pu=https%3A%2F%2Fwww.bleepingcomputer.com&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=thetradedesk&resolve=medianet
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.102.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-102-116.compute-1.amazonaws.com
Software
/
Resource Hash
7007c0fb4b03f9e05635501c0df192f63fb6c1299bb1c68a96e89547672464d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=86399, private
trace-id
0c8182a225429044
request-time
4
access-control-allow-credentials
true
expires
Fri, 20 Sep 2024 13:35:49 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
126
date
Thu, 19 Sep 2024 13:35:49 GMT
content-type
text/plain; charset=UTF-8
vary
Origin
rid
match.adsrvr.org/track/
109 B
574 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
c1ad6bd5489638d911abe841a4f8a813d2b2494deea4680eca2ed7800fc8fcbb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Sat, 19 Oct 2024 13:35:48 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:48 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.8&coppa=0
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.8&coppa=0&b=1&tp=Iwa2%2Bz9mbyC0JJ1QPCij7sSz5jHf3eUg5hJRTuYRb%2BI%3D
42 B
58 B
Fetch
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.8&coppa=0&b=1&tp=Iwa2%2Bz9mbyC0JJ1QPCij7sSz5jHf3eUg5hJRTuYRb%2BI%3D
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H3
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Thu, 19 Sep 2024 13:35:46 GMT
content-type
application/json
vary
origin

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
location
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.8&coppa=0&b=1&tp=Iwa2%2Bz9mbyC0JJ1QPCij7sSz5jHf3eUg5hJRTuYRb%2BI%3D
access-control-allow-credentials
true
referrer-policy
unsafe-url
via
1.1 google
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 19 Sep 2024 13:35:45 GMT
vary
origin
fed
ups.analytics.yahoo.com/ups/58657/
391 B
591 B
Fetch
General
Full URL
https://ups.analytics.yahoo.com/ups/58657/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/&pixelId=58657
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.147.92.12 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
e2.ycpi.vip.dca.yahoo.com
Software
ATS /
Resource Hash
6d8c3b7b5477520ecbc76836ecae08b0190393f41aa66ef4687e1a7284877e62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
access-control-allow-origin
https://www.bleepingcomputer.com
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Thu, 19 Sep 2024 13:35:45 GMT
x-xss-protection
1; mode=block
content-type
application/json
vary
Origin
server
ATS
json
gum.criteo.com/sid/
399 B
700 B
Fetch
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
138d104fdec9cad8910a9cb29e4fb35e23fb0814a9afbd2cdf94c84346cbe6f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
501381
expires
0
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:45 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
pbhid
id.hadron.ad.gt/api/v1/
227 B
174 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=www.bleepingcomputer.com
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21d40d06dd91e757348c94fbd108af537e80b902b5878421ff4445440fdf998

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

content-encoding
br
allow
POST, OPTIONS, GET
cf-ray
8c59f6017b73aafd-YYZ
access-control-allow-origin
*
date
Thu, 19 Sep 2024 13:35:47 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/
194 B
672 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
69ddbfe0111131323a6c637b0fcf18449cd7f4bab70211c0b2c9bb51232bdb9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.bleepingcomputer.com
p3p
CP="CAO PSA OUR"
date
Thu, 19 Sep 2024 13:35:45 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
any
idx.liadm.com/idex/did-0047/
126 B
0
Fetch
General
Full URL
https://idx.liadm.com/idex/did-0047/any?duid=83077f409aa5--01j857xwvpfdt0vces3nt7r7w2&did=did-0047&cd=.bleepingcomputer.com&pu=https%3A%2F%2Fwww.bleepingcomputer.com&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=thetradedesk&resolve=medianet
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.102.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-102-116.compute-1.amazonaws.com
Software
/
Resource Hash
7007c0fb4b03f9e05635501c0df192f63fb6c1299bb1c68a96e89547672464d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
max-age=86399, private
trace-id
0c8182a225429044
request-time
4
access-control-allow-credentials
true
expires
Fri, 20 Sep 2024 13:35:49 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
126
date
Thu, 19 Sep 2024 13:35:49 GMT
content-type
text/plain; charset=UTF-8
vary
Origin
rid
match.adsrvr.org/track/
109 B
0
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
c1ad6bd5489638d911abe841a4f8a813d2b2494deea4680eca2ed7800fc8fcbb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Sat, 19 Oct 2024 13:35:48 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:48 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
j
rp.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1726752946175&did=did-0047&se=e30&duid=83077f409aa5--01j857xwvpfdt0vces3nt7r7w2&tv=8.49.8&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-b...
  • https://rp.liadm.com/j?dtstmp=1726752946175&did=did-0047&se=e30&duid=83077f409aa5--01j857xwvpfdt0vces3nt7r7w2&tv=8.49.8&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-b...
13 B
368 B
Fetch
General
Full URL
https://rp.liadm.com/j?dtstmp=1726752946175&did=did-0047&se=e30&duid=83077f409aa5--01j857xwvpfdt0vces3nt7r7w2&tv=8.49.8&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&wpn=prebid&cd=.bleepingcomputer.com&n3pc=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Server
3.231.87.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-87-30.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-pixel-event-id
48091d77-b59a-4395-9b33-60f67632f059
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
13
date
Thu, 19 Sep 2024 13:35:47 GMT
content-type
application/json

Redirect headers

access-control-allow-origin
https://www.bleepingcomputer.com
location
/j?dtstmp=1726752946175&did=did-0047&se=e30&duid=83077f409aa5--01j857xwvpfdt0vces3nt7r7w2&tv=8.49.8&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&wpn=prebid&cd=.bleepingcomputer.com&n3pc=true
content-length
0
access-control-expose-headers
*
date
Thu, 19 Sep 2024 13:35:46 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET
quant.js
secure.quantserve.com/
23 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, max-age=604800
content-encoding
gzip
etag
"tIg8n6xaLBY4WwNLLw9OGA=="
expires
Thu, 26 Sep 2024 13:35:47 GMT
accept-ranges
bytes
date
Thu, 19 Sep 2024 13:35:47 GMT
content-type
application/javascript
vary
Accept-Encoding
load.js
s.ntv.io/serve/
584 KB
183 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.136.16 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-136-16.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
666d6102b5206bb70da7195aee0bf0d23dff1fdbed22ef259e3c54c64c36080d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Encoding
gzip
ETag
"d60eb6fe00eef8c9bb54308f9f90dd19"
Access-Control-Allow-Methods
GET
Date
Thu, 19 Sep 2024 13:35:47 GMT
Last-Modified
Tue, 17 Sep 2024 00:37:58 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
x-amz-id-2
jOZLV511d6I1dslMn5XOmbT/+n2jiYjIgimtc68ivUD8fyYY+y4ZqNdhNlmNAslJXyPYFrGJ6MA=
Transfer-Encoding
chunked
Access-Control-Allow-Headers
*
Cache-Control
public, max-age=3600
Connection
keep-alive, Transfer-Encoding
x-amz-request-id
42EG73F1060TERFZ
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Server
AmazonS3
x-amz-server-side-encryption
AES256
freestar_close_button.svg
a.pub.network/core/imgs/
1 KB
1 KB
Image
General
Full URL
https://a.pub.network/core/imgs/freestar_close_button.svg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.bleepingcomputer.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
*
x-goog-hash
crc32c=xUDeFg==, md5=1OG2/3P8Bvg2SBLmidtA+g==
cf-cache-status
HIT
etag
W/"d4e1b6ff73fc06f8364812e689db40fa"
age
347
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Thu, 19 Sep 2024 14:35:46 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1211
date
Thu, 19 Sep 2024 13:35:46 GMT
content-type
image/svg+xml
last-modified
Wed, 04 Sep 2024 08:16:13 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8lju3JVB9D2pxcudGjEggCe4mZHb222ZdPG5QuC7gHLVPUKoAU4KPWmPN6hw6KkOEVoJMK_o
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8c59f5faf9cf36c4-YYZ
access-control-allow-origin
*
x-goog-generation
1725437773526766
server
cloudflare
page_load
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/
0
0

fslogo-green.svg
a.pub.network/core/imgs/
1 KB
1 KB
Image
General
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
access-control-expose-headers
*
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
cf-cache-status
HIT
etag
W/"326d6cbd977657e1205bd616d1f2faca"
age
347
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Thu, 19 Sep 2024 14:35:46 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1193
date
Thu, 19 Sep 2024 13:35:46 GMT
content-type
image/svg+xml
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljvrL56LvqX7Tk-LtYP06ibHGp9GWz8wz50-SX_uQHMAijRBb80JvVj85ld2rvXTgMu9lkQ
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8c59f5fbca6536c4-YYZ
access-control-allow-origin
*
x-goog-generation
1599584677716817
server
cloudflare
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 7BE1
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2037
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29981
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Sep 2024 13:01:50 GMT
expires
Thu, 19 Sep 2024 13:51:50 GMT
last-modified
Mon, 16 Sep 2024 19:45:28 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
insights.bin
ins.connatix.com/01edb87e-dd11-404d-8bd2-399ed97b314b/402/ Frame 3E34
794 B
768 B
XHR
General
Full URL
https://ins.connatix.com/01edb87e-dd11-404d-8bd2-399ed97b314b/402/insights.bin
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
243c0d12ad72ec2edb96e7ca4195e6421deef3fe9837c4c1736f7a3334cdcbf6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"73675a4bc92c325eade281e1c77a6137"
access-control-allow-methods
GET, HEAD
cf-ray
8c59f6054f29ac39-YYZ
expires
Fri, 19 Sep 2025 13:35:48 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:48 GMT
content-type
application/x-protobuf
last-modified
Thu, 19 Sep 2024 08:58:20 GMT
vary
Accept-Encoding
server
cloudflare
402_media.bin
vid.connatix.com/pid-de820c7a-cd3f-49f4-9038-04e5790f8d5e/01edb87e-dd11-404d-8bd2-399ed97b314b/ca430171-8e6c-4d5b-ac3a-fc7145bd71a8/ Frame 3E34
3 KB
2 KB
XHR
General
Full URL
https://vid.connatix.com/pid-de820c7a-cd3f-49f4-9038-04e5790f8d5e/01edb87e-dd11-404d-8bd2-399ed97b314b/ca430171-8e6c-4d5b-ac3a-fc7145bd71a8/402_media.bin
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2fac048783c64eaa466fcc19026ca88642b2a2e91b20c9c834d16cd8db1ec0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
W/"220ed64612d5403c2faf98dcca9dc706"
xpid
de820c7a-cd3f-49f4-9038-04e5790f8d5e
access-control-allow-methods
*
expires
Fri, 19 Sep 2025 13:35:48 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:48 GMT
content-type
application/x-protobuf
last-modified
Thu, 19 Sep 2024 08:58:19 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-headers
range
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8c59f605487aac9c-YYZ
access-control-allow-origin
*
server
cloudflare
player.iframe.integration.destroy.36a6acd4c6a25adcf984.js
cds.connatix.com/a/
748 B
760 B
Script
General
Full URL
https://cds.connatix.com/a/player.iframe.integration.destroy.36a6acd4c6a25adcf984.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cbf3c422de9dd1138a40ce357476ce8ae988f0a2a1f3a72f8679ccd5b67aa10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"e04bbcdba134b1982da8b729c45bc255"
x-amz-version-id
BBRcpFxM0cqNCbT0Pl6K5H4upWy4YSjG
access-control-allow-methods
*
expires
Fri, 19 Sep 2025 13:35:46 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:46 GMT
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 08:14:59 GMT
vary
Accept-Encoding
access-control-allow-headers
range
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8c59f5fcb8e7ab9a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
378
server
cloudflare
insights.bin
ins.connatix.com/52a0506d1ff06142322930b9f68e7f61/ Frame 3E34
576 B
413 B
XHR
General
Full URL
https://ins.connatix.com/52a0506d1ff06142322930b9f68e7f61/insights.bin
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b907cb03a10c5d88a8d0dcf23a4ca5086c15d8af3d9ac5a06ef04c40cc6ff0f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"e7a8c7ed74a46ba2e547cd561d5b0ed5"
access-control-allow-methods
GET, HEAD
cf-ray
8c59f6054f2aac39-YYZ
expires
Fri, 19 Sep 2025 13:35:48 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:48 GMT
content-type
application/x-protobuf
last-modified
Sat, 14 Sep 2024 14:09:42 GMT
vary
Accept-Encoding
server
cloudflare
cks
cks.connatix.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DIndex%26api-tier%3D1%26uid%3D&gdpr=0
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DIndex%26api-tier%3D1%26uid%3D&gdpr=0&s=190549&C=1
  • https://cks.connatix.com/cks?pid=17&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Index&api-tier=1&uid=ZuwotNHM6VUAAGKwAFEXggAA%263513
139 B
253 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=17&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Index&api-tier=1&uid=ZuwotNHM6VUAAGKwAFEXggAA%263513
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d87e2f37df4c75db4d67eb4bd8013a83624b0e4d0ed2d98460b060c6572a8b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f60aad0cab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:48 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache
location
https://cks.connatix.com/cks?pid=17&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Index&api-tier=1&uid=ZuwotNHM6VUAAGKwAFEXggAA%263513
cf-cache-status
DYNAMIC
pragma
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G9EKeNzfXJzV%2FuS1Ke8jdsWnLbVN50WT71FmOxoR6ICexBV5aR3tPvjPY%2FtJ2lpON7xnyYaa1QpeGqQmBfSf4JdNC6a9N2DIZ1x1nn8iyvVz9Hbt92E5IpuRvb%2BlKBVCGdu4pXFe"}],"group":"cf-nel","max_age":604800}
cf-ray
8c59f608d835ac00-YYZ
expires
0
alt-svc
h3=":443"; ma=86400
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Thu, 19 Sep 2024 13:35:48 GMT
vary
Accept-Encoding
server
cloudflare
cks
cks.connatix.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&g...
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&g...
  • https://cks.connatix.com/cks?pid=15&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Beeswax&api-tier=1&uid=AABZak7N2FIAABYXV8En4A&gdpr=0
132 B
248 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=15&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Beeswax&api-tier=1&uid=AABZak7N2FIAABYXV8En4A&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b5ae240a18bb64b5ba3fa62d80ad8c4c725ba64f5fefdbe21f6e743a233a7e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f65f5924ab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:36:02 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

strict-transport-security
max-age=2592000; includeSubDomains
location
https://cks.connatix.com/cks?pid=15&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Beeswax&api-tier=1&uid=AABZak7N2FIAABYXV8En4A&gdpr=0
Content-Length
0
Date
Thu, 19 Sep 2024 13:36:02 GMT
Server
gunicorn
Connection
keep-alive
cks
cks.connatix.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
  • https://cks.connatix.com/cks?pid=19&uid=bc8b0835-1393-4f63-9270-2da844e8deab&ttl=1729344948
146 B
255 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=19&uid=bc8b0835-1393-4f63-9270-2da844e8deab&ttl=1729344948
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a065f497cb52a6558614c63c0859a4fcfca8f518311de1f096f8cea2987f9197

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f60aad0fab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:48 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

location
https://cks.connatix.com/cks?pid=19&uid=bc8b0835-1393-4f63-9270-2da844e8deab&ttl=1729344948
content-length
213
date
Thu, 19 Sep 2024 13:35:48 GMT
server
Kestrel
cks
cks.connatix.com/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DAmobee%26api-tier%3D1%26uid%3D%23USER_ID%23&gdpr=0
  • https://cks.connatix.com/cks?pid=21&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Amobee&api-tier=1&uid=4431262957904967240
129 B
241 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=21&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Amobee&api-tier=1&uid=4431262957904967240
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b2c08d9c7d102f02ed572e35f74134af4f5d371724c580ea5cec9a703d8bd20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f65f390fab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:36:02 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
location
https://cks.connatix.com/cks?pid=21&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Amobee&api-tier=1&uid=4431262957904967240
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
content-length
0
pragma
no-cache
date
Thu, 19 Sep 2024 13:35:59 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DTripleLift%26api-tier%3D1%26uid%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DTripleLift%26api-tier%3D1%26uid%...
  • https://cks.connatix.com/cks?pid=25&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=TripleLift&api-tier=1&uid=515864219262712206300
131 B
243 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=25&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=TripleLift&api-tier=1&uid=515864219262712206300
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f920e116356ae38e87ea22d6fdccc1aacf08465f9d4ee28ff11a81d6ae1477e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f6103a73ab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:49 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://cks.connatix.com/cks?pid=25&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=TripleLift&api-tier=1&uid=515864219262712206300
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Thu, 19 Sep 2024 13:35:49 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DAppNexus%26api-tier%3D1%26uid%3D%24UID=&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D6%2526ev%253D660e6b66996a490e85b1a7c15e2b4b7f%2526pname%253DAppNexus%2526api-tier%253D1%2526uid%...
  • https://cks.connatix.com/cks?pid=6&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=AppNexus&api-tier=1&uid=581897326773403389=&gdpr=0
128 B
242 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=6&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=AppNexus&api-tier=1&uid=581897326773403389=&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d72ab5cce5d1e94e1a518bc852d8680fb9f54f90d05af08aba41cac5631b0a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f6103a74ab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:49 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, private
location
https://cks.connatix.com/cks?pid=6&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=AppNexus&api-tier=1&uid=581897326773403389=&gdpr=0
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
154.47.17.56; 154.47.17.56; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
fdff468b-5e0c-4781-a982-a36d24eb217e
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 19 Sep 2024 13:35:49 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
cks
cks.connatix.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D44%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DNexxen%26api-tier%3D1%26uid%3D%5BRX_UUID%5D...
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&zcc=1&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D44%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DNexxen%26api-tier%3D1%26uid%3D%5BRX_U...
  • https://ad.turn.com/r/cs?pid=45&id=RX-77f2fc8e-b914-43b5-afd5-d80cfef17de3-005&rndcb=1945522523
  • https://sync.1rx.io/usersync/turn/8015622402356240821?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-77f2fc8e-b914-43b5-afd5-d80cfef17de3-005?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D44%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DNexx...
  • https://cks.connatix.com/cks?pid=44&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Nexxen&api-tier=1&uid=RX-77f2fc8e-b914-43b5-afd5-d80cfef17de3-005
153 B
260 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=44&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Nexxen&api-tier=1&uid=RX-77f2fc8e-b914-43b5-afd5-d80cfef17de3-005
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21c9adb6edd818867c01ecd4e2bb2725a50ae7bc70b841e44673d8ff857daa9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f660fa96ab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:36:02 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

location
https://cks.connatix.com/cks?pid=44&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Nexxen&api-tier=1&uid=RX-77f2fc8e-b914-43b5-afd5-d80cfef17de3-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Thu, 19 Sep 2024 13:36:07 GMT
etag
RX77f2fc8eb91443b5afd5d80cfef17de3005
content-type
text/html
pixel
capi.connatix.com/us/
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=6&nwid=3630&gdpr=0&gdpr_consent=null&url=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d40%26ev%3d660e6b66996a490e85b1a7c15e2b4b7f%26pname%3dSmartA...
  • https://capi.connatix.com/us/pixel?puid=1025924811267706626&pId=40&gdpr=0&gdpr_consent=
82 B
413 B
Script
General
Full URL
https://capi.connatix.com/us/pixel?puid=1025924811267706626&pId=40&gdpr=0&gdpr_consent=
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

surrogate-control
no-cache, no-store, must-revalidate, max-age=0
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-ray
8c59f618a9a2a21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
95
date
Thu, 19 Sep 2024 13:35:51 GMT
content-type
image/gif
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model

Redirect headers

cache-control
no-cache,no-store
location
https://capi.connatix.com/us/pixel?puid=1025924811267706626&pId=40&gdpr=0&gdpr_consent=
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Thu, 19 Sep 2024 13:35:50 GMT
pragma
no-cache
cookie
c1.adform.net/
35 B
522 B
Script
General
Full URL
https://c1.adform.net/cookie?redirect_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D46%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DAdForm%26api-tier%3D1%26uid%3D%24UID&gdpr=0
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/589.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7fff1569ea68ef52782ba25b0cf3934627f7a4fc1e8e22f4652de959c5f97978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
date
Thu, 19 Sep 2024 13:35:49 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame F696
0
0

/
de.tynt.com/deb/ Frame C10F
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D660e6b66996a490e85b1a7c15e2b4b7f%26DemandPartnerN...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D660e6b66996a490e85b1a7c15e2b4b7f%26DemandPartnerName%3D_3...
0
0

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 69CA
0
0

cks
cks.connatix.com/
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=WIMKYDH0&gdpr=0&gdpr_consent=null&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d45%26ev%3d660e6b66996a490e85b1a7c15e2b4b7f%26pname%3...
  • https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=0f918fba-cde2-4226-9f81-74432a0e5288&gdpr=0&gdpr_consent=null
146 B
255 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=0f918fba-cde2-4226-9f81-74432a0e5288&gdpr=0&gdpr_consent=null
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da364092fcca0c03c8d90746adf78abd28edf7c2cce987ff76a7cd5efdf215c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f60f296aab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:49 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
location
https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=0f918fba-cde2-4226-9f81-74432a0e5288&gdpr=0&gdpr_consent=null
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DPulsePoint%26api-tier%3D1%26uid%3D%...
  • https://cks.connatix.com/cks?pid=13&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=PulsePoint&api-tier=1&uid=entIUMJq7Y6Q
122 B
238 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=13&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=PulsePoint&api-tier=1&uid=entIUMJq7Y6Q
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c089ec01c2c92834a46aed993389441d6f42c56bca11e8efd071c10ccafb5040

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f61769b8ab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:50 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
location
https://cks.connatix.com/cks?pid=13&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=PulsePoint&api-tier=1&uid=entIUMJq7Y6Q
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server
bh-deployment-85f9594754-qjq7d
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
server
Jetty(10.0.14)
cks
cks.connatix.com/
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr={gdpr}&gdpr_consent={gdpr_consent}&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d48%26ev%3d660e6b66996a490e85b1a7c15e2b4b7f%26pname%3dSmaato%26api-ti...
  • https://cks.connatix.com/cks?pid=48&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Smaato&api-tier=1&uid=6db2e17714
120 B
234 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=48&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Smaato&api-tier=1&uid=6db2e17714
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edc399fa02411570c4e2b1e380cd049b760a0e406d1b7cd2a216a428dd661f7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f61769b6ab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:50 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache, must-revalidate
location
https://cks.connatix.com/cks?pid=48&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Smaato&api-tier=1&uid=6db2e17714
via
1.1 bf49868a84302f57b8f20d68a5a57812.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
7TEPv9_vskGpHhfSrwpJwu18CFsjqlFopfwiiLegN69_s-XrCbZo4w==
date
Thu, 19 Sep 2024 13:35:50 GMT
x-amz-cf-pop
JFK52-P7
server
CloudFront
cks
cks.connatix.com/
Redirect Chain
  • https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DCrimtan%26api-tier%3D1%26uid%3D%5Buser_id%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=28&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Crimtan&api-tier=1&uid=4b889810fd7f4e8c83fe907574592b07
142 B
251 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=28&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Crimtan&api-tier=1&uid=4b889810fd7f4e8c83fe907574592b07
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71609e712f51acba6b35c0d76ca57e07afc2fdda35305f2fca8ea7ab58f26ad9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f61769aeab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:50 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache, must-revalidate
location
https://cks.connatix.com/cks?pid=28&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Crimtan&api-tier=1&uid=4b889810fd7f4e8c83fe907574592b07
pragma
no-cache
via
1.1 google
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
302
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CUR OUR NOR"
content-length
0
x-xss-protection
1; mode=block
date
Thu, 19 Sep 2024 13:35:50 GMT
content-type
text/html;charset=UTF-8
cks
cks.connatix.com/
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DSonobi%26api-tier%3D1%26uid%3D%5BUID%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=43&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Sonobi&api-tier=1&uid=efcb09bb-e5a1-4f81-8bc3-973d1c186f0c
146 B
253 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=43&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Sonobi&api-tier=1&uid=efcb09bb-e5a1-4f81-8bc3-973d1c186f0c
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
189226a46279bbacb04ea6704ba733616fc7ddd94c753e767b0be91599cd1c0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f61769acab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:50 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache, no-store, private
location
https://cks.connatix.com/cks?pid=43&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Sonobi&api-tier=1&uid=efcb09bb-e5a1-4f81-8bc3-973d1c186f0c
pragma
no-cache
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Thu, 19 Sep 2024 13:35:50 GMT
tcn
Choice
content-type
text/plain; charset=utf8
vary
negotiate,Accept-Encoding
server
sonobi-go
x-go-server
go-iad-2-6-35
x-xss-protection
0
/
csync.loopme.me/
0
0

sync
x.bidswitch.net/
43 B
183 B
Script
General
Full URL
https://x.bidswitch.net/sync?ssp=connatix&user_id=660e6b66996a490e85b1a7c15e2b4b7f&gdpr=0
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/589.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.202.130 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
130.202.211.35.bc.googleusercontent.com
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Thu, 19 Sep 2024 13:35:51 GMT
content-type
image/gif
cks
cks.connatix.com/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DCentro%26api-tier%3D1%26uid%3D%7BuserId...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DCentro%26api-tier%3D1%26uid%3...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=b75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=b75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=b75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D660e6b6...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=b75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D6...
  • https://cks.connatix.com/cks?pid=9&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Centro&api-tier=1&uid=b75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553&gdpr=0
159 B
263 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=9&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Centro&api-tier=1&uid=b75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f096672de58974f0fe865de7b2e6bbc66944a21124be2e53c93a8056e6f1939d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f64bce84ab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:59 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000
location
https://cks.connatix.com/cks?pid=9&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Centro&api-tier=1&uid=b75d9ed5-993d-48a9-bf04-5e8cf4ba9ae2-66ec28b7-5553&gdpr=0
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
0
date
Thu, 19 Sep 2024 13:35:59 GMT
server
Jetty(11.0.13)
cks
cks.connatix.com/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DYieldMo%26api-tier%3D1%26uid%3D%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=39&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=YieldMo&api-tier=1&uid=VRYofYYK3oYot_1DS8ch&gdpr=0
130 B
246 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=39&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=YieldMo&api-tier=1&uid=VRYofYYK3oYot_1DS8ch&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29597da20b0161859e4f6cfa511c5cacaa52436932b93d3ebe16594364c7a96c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f62fcb32ab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

location
https://cks.connatix.com/cks?pid=39&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=YieldMo&api-tier=1&uid=VRYofYYK3oYot_1DS8ch&gdpr=0
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-length
0
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json;charset=utf-8
access-control-allow-headers
Cache-Control, Pragma, *
cks
cks.connatix.com/
Redirect Chain
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=660e6b66996a490e85b1a7c15e2b4b7f&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DTel...
  • https://cks.connatix.com/cks?pid=5&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Telaria&api-tier=1&uid=e41d024793374cf499f781052764e5f1
141 B
251 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=5&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Telaria&api-tier=1&uid=e41d024793374cf499f781052764e5f1
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
853bb1cd5082672e3d15561a41ccdabdbbb9d3c62cf30821f16ee4ff7cdd2d4c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f648ab77ab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:58 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

location
https://cks.connatix.com/cks?pid=5&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Telaria&api-tier=1&uid=e41d024793374cf499f781052764e5f1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 19 Sep 2024 13:35:58 GMT
server
nginx
us
capi.connatix.com/core/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=ebe0e44056419bacaa87a61f23a4c317&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
0
253 B
Script
General
Full URL
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=ebe0e44056419bacaa87a61f23a4c317&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8c59f61b0b82a21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 19 Sep 2024 13:35:51 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model

Redirect headers

Cache-Control
no-cache
Location
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=ebe0e44056419bacaa87a61f23a4c317&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Pragma
no-cache
x-sticky-vk
1726752951472056-276
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Content-Length
0
Date
Thu, 19 Sep 2024 13:35:51 GMT
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 4E8F
0
0
Document
General
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d660e6b66996a490e85b1a7c15e2b4b7f%26pname%3dIronSource%26api-tier%3d1%26uid%3d{partnerId}%26direct%3D1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/589.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.213.160.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-160-10.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-server-s2s.yellowblue.io
content-type
text/html
date
Thu, 19 Sep 2024 13:35:48 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
cks
cks.connatix.com/
Redirect Chain
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DResetDigital%26api-tier%3D1%26uid%3D%24USER_I...
  • https://cks.connatix.com/cks?pid=35&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=ResetDigital&api-tier=1&uid=0000015ABACC79AE
126 B
240 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=35&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=ResetDigital&api-tier=1&uid=0000015ABACC79AE
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c084cfc5682a90f51571766a9806b27777e301fbec8bf3139e83efeed2700ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f61b9eecab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:51 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
location
https://cks.connatix.com/cks?pid=35&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=ResetDigital&api-tier=1&uid=0000015ABACC79AE
content-length
0
date
Thu, 19 Sep 2024 13:35:51 GMT
content-type
text/html
sync.min.js
tags.crwdcntrl.net/lt/c/17331/
43 KB
13 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/589.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f48c5d349a73b41850ff4349fc02a2e43f172ecfbb5efe7e9437e6ca38403178

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"7a801cdc14047a14bf5f276389e89151"
age
27791
via
1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
KrNunDq46C-yKDyKHZXZg5bk21YcfLWcNquObYscTd_hQzNZJHaf2w==
date
Thu, 19 Sep 2024 06:08:28 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:59:45 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
cks
cks.connatix.com/
Redirect Chain
  • https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=660e6b66996a490e85b1a7c15e2b4b7f&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D34%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f...
  • https://cks.connatix.com/cks?pid=34&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Colossus&api-tier=1&uid=62b6fdf2-16a5-45a0-9002-6edbd2aac242
146 B
253 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=34&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Colossus&api-tier=1&uid=62b6fdf2-16a5-45a0-9002-6edbd2aac242
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e758823887771b358f39a2a4d134298acd44615d60478432603da30dc04953a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f6238fa4ab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:52 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Cache-Control
no-cache, no-store, must-revalidate
Location
https://cks.connatix.com/cks?pid=34&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Colossus&api-tier=1&uid=62b6fdf2-16a5-45a0-9002-6edbd2aac242
Pragma
no-cache
Connection
keep-alive
Expires
0
Date
Thu, 19 Sep 2024 13:35:52 GMT
Server
nginx
cks
cks.connatix.com/
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DSundaySky%26api-tier%3D1%26uid%3D%24%7Bssky_uuid%7D&gdpr=0
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DSundaySky%26api-tier%3D1%26uid%3D%24%7Bssky_uuid%7D&gdpr...
  • https://cks.connatix.com/cks?pid=1&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=SundaySky&api-tier=1&uid=d6.568403bec21748e2ba58c1db28832e28
144 B
252 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=1&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=SundaySky&api-tier=1&uid=d6.568403bec21748e2ba58c1db28832e28
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10b4094501644ad85a67a98c6c8ce2484467bb67dc402ad690e8239dd3f1f11b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f620acb3ab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:52 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

x-content-type-options
nosniff
location
https://cks.connatix.com/cks?pid=1&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=SundaySky&api-tier=1&uid=d6.568403bec21748e2ba58c1db28832e28
content-length
0
date
Thu, 19 Sep 2024 13:35:52 GMT
x-frame-options
DENY
cks
cks.connatix.com/
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3D660e6b66996a4...
  • https://cks.connatix.com/cks?pid=29&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Adelphic&api-tier=1&uid=31b7a3b9-e544-4ba9-a78c-96fec3de5650
146 B
254 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=29&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Adelphic&api-tier=1&uid=31b7a3b9-e544-4ba9-a78c-96fec3de5650
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5682efab4c6662e3ffcfcea530a81f97599b41fa107bd535500ec9238f2b7703

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8c59f628bc6cab9a-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare

Redirect headers

X-CI-RTID
ebd3536b-e12d-46d2-bae3-73650f9cfbe0
Location
https://cks.connatix.com/cks?pid=29&ev=660e6b66996a490e85b1a7c15e2b4b7f&pname=Adelphic&api-tier=1&uid=31b7a3b9-e544-4ba9-a78c-96fec3de5650
Content-Length
177
Date
Thu, 19 Sep 2024 13:35:53 GMT
Content-Type
text/html; charset=utf-8
Connection
keep-alive
cm
us-u.openx.net/w/1.0/ Frame 3E34
0
0

cksync
cs.media.net/ Frame 3E34
0
0

712202.gif
id.rlcdn.com/ Frame 3E34
0
0

report
capi.connatix.com/us/google/ Frame 3E34
Redirect Chain
  • https://capi.connatix.com/us/google/pixel?tier=1&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=NjYwZTZiNjY5OTZhNDkwZTg1YjFhN2MxNWUyYjRiN2Y&extra1=660e6b66996a490e85b1a7c15e2b4b7f&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix....
  • https://capi.connatix.com/us/google/report?extra1=660e6b66996a490e85b1a7c15e2b4b7f&gdpr=0
82 B
82 B
Image
General
Full URL
https://capi.connatix.com/us/google/report?extra1=660e6b66996a490e85b1a7c15e2b4b7f&gdpr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

surrogate-control
no-cache, no-store, must-revalidate, max-age=0
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-ray
8c59f605fb05a21c-YYZ
alt-svc
h3=":443"; ma=86400
content-length
95
date
Thu, 19 Sep 2024 13:35:48 GMT
content-type
image/gif
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model

Redirect headers

cache-control
no-cache, must-revalidate
location
https://capi.connatix.com/us/google/report?extra1=660e6b66996a490e85b1a7c15e2b4b7f&gdpr=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
290
date
Thu, 19 Sep 2024 13:35:48 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
674e0580ec30c0c08da895d8e7a84f103b99d51091b012e9839c2e5db29b005c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 19 Sep 2024 13:35:46 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
post
tag.escalated.io/
31 B
445 B
Fetch
General
Full URL
https://tag.escalated.io/post
Requested by
Host: tag.escalated.io
URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.bleepingcomputer.com&type=display&cust=5971&sid=direct&c=&cust2=direct
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.131.10.225 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-131-10-225.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
64502a4e175debf859635c4bc5ac52181bb3bf8d436a9146397e47cb675ffd20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

Cache-Control
no-store
Connection
keep-alive
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Content-Length
31
Date
Thu, 19 Sep 2024 13:35:47 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/json; charset=utf-8
Server
nginx
Access-Control-Allow-Headers
X-Forwarded-For, X-Requested-With, Content-Type
page_load
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ Frame
0
0

hadronid
id.hadron.ad.gt/api/v1/
54 KB
55 KB
Script
General
Full URL
https://id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bf5435c55a81e3f050dc22ed008eb354bcecd1c042316e81a95a488a6c0ae43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status
DYNAMIC
debug
NON-OPTIONS
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials
true
cf-ray
8c59f61f4c923a09-YYZ
access-control-allow-origin
*
content-length
55794
date
Thu, 19 Sep 2024 13:35:52 GMT
content-type
Content-Type; text/javascript; charset=UTF-8
server
cloudflare
access-control-allow-headers
authorization,content-type
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202407090940/
284 KB
101 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202407090940/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d3ec73884fd2e63fb637af556b4725f116702bab37326dbf7ce0e876d7b1587

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"76074361c87e7c8d3af88302818b71f9"
age
6208593
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:47 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 09 Jul 2024 14:20:21 GMT
vary
Accept-Encoding
x-amz-id-2
R2MXS85vOK0COPVd6dgcyWsEtEVuHv/mslcjrD+If4HBhOmfzoNEuRpXq+n9OH46pIJkDrvb+HR5g4IPwwBFBw==
cache-control
public, max-age=31536000
x-amz-request-id
RA0XGCNJ7H1V70PD
cf-ray
8c59f5ff88b85401-YYZ
accept-ranges
bytes
content-length
103346
server
cloudflare
x-amz-server-side-encryption
AES256
hadron.json
id.hadron.ad.gt/v1/
138 B
288 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.bleepingcomputer.com&url=https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee98a89ac06c466e939c0998035d790935c174679393dc22247193c344dff284

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
debug
NON-OPTIONS
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials
true
cf-ray
8c59f6018b7caafd-YYZ
access-control-allow-origin
*
date
Thu, 19 Sep 2024 13:35:47 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
authorization,content-type
0ab198dd-b265-462a-ae36-74e163ad6159
config.aps.amazon-adsystem.com/configs/
563 B
830 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-108.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
ee5ebc2e5e093ee9ea3485ae13632e54bba29b488b7956923112de35efe7ded4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=3600
age
1984
via
1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
O93QFM-UotJEvP-4EKvf9HJ6HAX_kC81pgzDBZ1-44Lqf5P2dU73MQ==
date
Thu, 19 Sep 2024 13:02:49 GMT
content-type
application/javascript
x-amz-cf-pop
JFK50-P3
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/
3 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
3cc3e7477f9c8eef291c048ee6e8e4e15d57a4b95c315089e072ef1dd190fb2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=21550, s-maxage=21600
age
9678
access-control-allow-credentials
true
via
1.1 ed8dbde89917eaa6ca93ba7fad809c48.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.bleepingcomputer.com
x-cache
Hit from cloudfront
content-length
2865
x-amz-cf-id
ZF1zejtTRoMNgZx8KahXa8vkWjwMMh2jXGwc8J-V6sNocdibeCyqmg==
date
Thu, 19 Sep 2024 10:54:28 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
JFK50-P3
server
Server
bid
aax.amazon-adsystem.com/e/dtb/
23 B
382 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&pid=g07fFMuw0bIKa&cb=0&ws=1600x1200&v=24.827.1552&t=622&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_728x90_320x50_InContent_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22554x312%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22120x600%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_1%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_2%22%2C%22s%22%3A%5B%22300x250%22%2C%22120x600%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_3%22%2C%22s%22%3A%5B%22300x250%22%2C%22120x600%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22554x312%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21freestar.com%2C412%2C1%2C%2C%2C&sm=fc91bf5c-a056-450e-b640-b2088058b887&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.127.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-127-64.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 bd83fc15ab125846f839dd3c1ad21462.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.bleepingcomputer.com
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
TGi0ZNxpIpZ5lDn-0kZ6WRot1isvaaRBr-MhpLsl8Swh0MNLnMSdwA==
date
Thu, 19 Sep 2024 13:35:48 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
JFK50-P4
server
Server
bid
aax.amazon-adsystem.com/e/dtb/
843 B
894 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&pid=g07fFMuw0bIKa&cb=1&ws=1600x1200&v=24.827.1552&t=622&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22s%22%3A%5B%221x1%22%2C%22300x50%22%2C%22320x50%22%2C%22468x60%22%2C%22728x90%22%2C%22970x90%22%2C%22300x100%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21freestar.com%2C412%2C1%2C%2C%2C&sm=fc91bf5c-a056-450e-b640-b2088058b887&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.127.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-127-64.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
47f9154857e3b0fdd934cce641c49a6ddb14ebe3ae1f7678a9152259cf60e99c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 bd83fc15ab125846f839dd3c1ad21462.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.bleepingcomputer.com
x-cache
Miss from cloudfront
content-length
554
x-amz-cf-id
yA7wPPK_j54x6GwHH-4cMx_QKxObQGZAs-t9aqH4HuZRDttK8N0X1g==
date
Thu, 19 Sep 2024 13:35:48 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
JFK50-P4
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
age
75835
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
_IxkgXlelghMpqSIIcAbCgSfUCivjPfOtzOfPL8oLrwSWrvSNnj3Kw==
date
Wed, 18 Sep 2024 16:31:53 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 410372c9ac35ccad4a4fd5dbf80c9f38.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
v1
lb.eu-1-id5-sync.com/lb/
45 B
296 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
8a493bf2a5e2bcd6ebd2c6a4005e81e6f1d85a9510bf1632466514f79e9a99d6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:47 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v1
lb.eu-1-id5-sync.com/lb/
45 B
295 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
4f7db1214904712cec872e10f74b8a4dd35e639f3fdb328e26c3494e9e9965fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:47 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
bid
aax.amazon-adsystem.com/e/dtb/
841 B
898 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&pid=g07fFMuw0bIKa&cb=2&ws=1600x1200&v=24.827.1552&t=622&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_728x90_300x250__320x100_320x50_dynamic1_slot%22%2C%22s%22%3A%5B%22468x60%22%2C%22728x90%22%2C%22300x250%22%2C%22336x280%22%2C%22554x312%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_300x250__320x100_320x50_dynamic%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21freestar.com%2C412%2C1%2C%2C%2C&sm=fc91bf5c-a056-450e-b640-b2088058b887&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.127.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-127-64.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
bac749da0d322dd00bd550eb5515af0917d079419ec9bf2721eac2e9317436b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 bd83fc15ab125846f839dd3c1ad21462.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.bleepingcomputer.com
x-cache
Miss from cloudfront
content-length
557
x-amz-cf-id
FdwZos9tTz-IBm1UGqBZHDNdCyjKSyD_E7OhPx7Xxac-3hivqRMxwA==
date
Thu, 19 Sep 2024 13:35:48 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
JFK50-P4
server
Server
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 9900
0
0

topics_frame.html
pa.openx.net/ Frame 8E01
0
0

hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.bleepingcomputer.com&url=https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8c59f6013b42aafd-YYZ
content-length
0
content-type
application/json
date
Thu, 19 Sep 2024 13:35:47 GMT
debug
OPTIONS block
expires
Fri, 19 Sep 2025 13:35:47 GMT
server
cloudflare
cookie_sync
s2s.t13.io/
0
0

auction
s2s.t13.io/openrtb2/
0
0

prebid
prebid.media.net/rtb/
0
0

prebid
ib.adnxs.com/ut/v3/
0
0

imp
g2.gumgum.com/hbid/
0
0

imp
g2.gumgum.com/hbid/
0
0

imp
g2.gumgum.com/hbid/
0
0

imp
g2.gumgum.com/hbid/
0
0

imp
g2.gumgum.com/hbid/
0
0

imp
g2.gumgum.com/hbid/
0
0

imp
g2.gumgum.com/hbid/
0
0

imp
g2.gumgum.com/hbid/
0
0

imp
g2.gumgum.com/hbid/
0
0

imp
g2.gumgum.com/hbid/
0
0

imp
g2.gumgum.com/hbid/
0
0

imp
g2.gumgum.com/hbid/
0
0

auction
tlx.3lift.com/header/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

translator
hbopenbid.pubmatic.com/
0
0

openrtb
ex.ingage.tech/v1/
0
0

hb-multi
hb.yellowblue.io/
0
0

pbjs
htlb.casalemedia.com/openrtb/
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/
0
0

ads
securepubads.g.doubleclick.net/gampad/
4 KB
457 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2992154380907323&correlator=3531351860762978&eid=31086815&output=ldjh&gdfp_req=1&vrg=202409160104&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_300x250_300x600_160x600_Right_3%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=320x50%7C728x90%7C554x312%2C300x250%7C120x600%7C160x600%7C300x600%2C300x250%7C120x600%7C160x600%7C300x600%2C300x250%7C120x600%7C160x600%7C300x600%2C320x50%7C728x90%7C970x90%7C970x250%7C554x312&fluid=height%2C0%2C0%2C0%2Cheight&ifi=3&didk=1410863669~1679461619~1679461618~1679461617~2757140747&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1726752948207&lmt=1726267479&adxs=268%2C1082%2C1082%2C1082%2C436&adys=4730%2C782%2C2474%2C3684%2C6234&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&vis=1&psz=834x90%7C306x600%7C306x600%7C306x600%7C1200x250&msz=834x90%7C306x600%7C306x600%7C306x600%7C1170x250&fws=4%2C4%2C4%2C516%2C4&ohw=834%2C306%2C306%2C306%2C1170&td=1&egid=28368&tan=158e1374-5708-45eb-a51b-13271901dcf4%2C158e1374-5708-45eb-a51b-13271901dcf5%2C158e1374-5708-45eb-a51b-13271901dcf6%2C158e1374-5708-45eb-a51b-13271901dcf7%2C158e1374-5708-45eb-a51b-13271901dcf8&tdf=2&topics=9&tps=9&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJDA5ODZlY2ExLTFlYWEtNDA5OC1iMzY4LTk4MzNmMGM5ZWZmMlgBEmUKCXlhaG9vLmNvbRJWTzlxY1VQZkl1TVF5bU5pYjRiZG9yVXczeGo3OGRoVWliTVBLcWxkV3V6Z3Nqa0RCNHQ0NVBoMmZ6VW42YlpIWkNPcmRENUIxc2VVV0wxWWY3OGNtNXdYAQ..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1726752938400&idt=5906&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D1c896b22-8240-4ae5-900c-64ddc729df02%26floors_id%3D133d59%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_728x90_320x50_InContent_1%26fs_ad_product%3Dbanner%26amznbid%3D1%26amznp%3D1%26fs-auuid%3Db627fe12-e584-47e4-912d-e5efff440dcf%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D426e1f11-ef40-401a-86e2-f0a7776b7925%26floors_id%3D20cc62%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_300x250_300x600_160x600_Right_1%26fs_ad_product%3Dbanner%26amznbid%3D1%26amznp%3D1%26fs-auuid%3Db627fe12-e584-47e4-912d-e5efff440dcf%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D6f3aa4bd-410a-4749-9a37-010e49d4f41c%26floors_id%3D51ac03%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_300x250_300x600_160x600_Right_2%26fs_ad_product%3Dbanner%26amznbid%3D1%26amznp%3D1%26fs-auuid%3Db627fe12-e584-47e4-912d-e5efff440dcf%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D8041b3d7-9bde-4fb2-b557-cdecd22ec8e6%26floors_id%3D88f340%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_300x250_300x600_160x600_Right_3%26fs_ad_product%3Dbanner%26amznbid%3D1%26amznp%3D1%26fs-auuid%3Db627fe12-e584-47e4-912d-e5efff440dcf%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Df5b0f11b-b654-400b-9ca6-38979d002489%26floors_id%3De2b310%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_728x90_970x90_970x250_320x50_BTF%26fs_ad_product%3Dbanner%26amznbid%3D1%26amznp%3D1%26fs-auuid%3Db627fe12-e584-47e4-912d-e5efff440dcf%26fsbid%3Dtimeout&cust_params=fsitf%3DY-NYY-YYYY-YYYYY------------------------%26fs_liveintent%3DY%26fs_session_id%3D1ca33be5-1b63-4234-b9d8-28c9235e9af3%26fs_pageview_id%3D7dfbc652479c15462af601e06e48be60%26user-agent%3DChrome%26fs_iiq_enabled%3Dtrue%26section%3Dnews%252Csecurity%26floors_user%3D1%26floors_rtt%3D19%26fs_testgroup%3Doptimised&adks=3006093167%2C1994841743%2C1512476352%2C3569010014%2C4003487347&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
45a8fef330cf0d3e216c83abe80bc0def44584c276357ce28b217431754cf41e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
google-lineitem-id
-2,-2,-2,-2,-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2,-2,-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 19 Sep 2024 13:35:49 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2,-2,-2,-2,-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
427
x-xss-protection
0
server
cafe
container.html
7a6ca953a7993755c4024080786e3253.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FAE4
0
0

ads
securepubads.g.doubleclick.net/gampad/
806 B
383 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2992154380907323&correlator=3531351860762978&eid=31086815&output=ldjh&gdfp_req=1&vrg=202409160104&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_970x90_728x90_320x50_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x50%7C320x50%7C468x60%7C728x90%7C970x90%7C300x100%7C320x100&ifi=8&didk=2803950313&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1726752948398&lmt=1726267479&adxs=631&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&vis=1&psz=338x-1&msz=300x-1&fws=512&ohw=0&td=1&egid=28368&tan=158e1374-5708-45eb-a51b-13271901dcf9&tdf=2&topics=9&tps=9&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJDA5ODZlY2ExLTFlYWEtNDA5OC1iMzY4LTk4MzNmMGM5ZWZmMlgBEmUKCXlhaG9vLmNvbRJWTzlxY1VQZkl1TVF5bU5pYjRiZG9yVXczeGo3OGRoVWliTVBLcWxkV3V6Z3Nqa0RCNHQ0NVBoMmZ6VW42YlpIWkNPcmRENUIxc2VVV0wxWWY3OGNtNXdYAQ..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1726752938400&idt=5906&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Dda29cf43-be84-488e-ac8f-1a81c0f20edb%26floors_id%3D3c584d%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_970x90_728x90_320x50_sticky%26fs_ad_product%3DstickyFooter%26fs_clientservermask%3D20030300100023220011202%26amznbid%3D1%26amznp%3D1%26fsbid%3Dtimeout&cust_params=fsitf%3DY-NYY-YYYY-YYYYY------------------------%26fs_liveintent%3DY%26fs_session_id%3D1ca33be5-1b63-4234-b9d8-28c9235e9af3%26fs_pageview_id%3D7dfbc652479c15462af601e06e48be60%26user-agent%3DChrome%26fs_iiq_enabled%3Dtrue%26section%3Dnews%252Csecurity%26floors_user%3D1%26floors_rtt%3D19%26fs_testgroup%3Doptimised&adks=1085809260&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
3d27db0f7711901d4e969f5941e21bee21bfb27ea780557abce74340d4b02295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
google-lineitem-id
-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 19 Sep 2024 13:35:49 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
353
x-xss-protection
0
server
cafe
player.lit.ui.js
cds.connatix.com/p/529897/
172 KB
36 KB
Script
General
Full URL
https://cds.connatix.com/p/529897/player.lit.ui.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/529897/connatix.player.js?cid=1ffdf4d6-eb53-11e9-b4d2-06948452ae1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23df0276fbd15fc73deb21ba8f509e71f9d9f34286de5fae22421956e979daf0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
86400
content-encoding
br
cf-cache-status
HIT
etag
"4ab04b0eaa905ca38e3a1465b345e6ac"
x-amz-version-id
ron8YS2TivbChYy_GNUU3lnPntN2e3fT
access-control-allow-methods
*
expires
Fri, 19 Sep 2025 13:35:48 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:48 GMT
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 08:14:58 GMT
x-amz-expiration
expiry-date="Tue, 08 Apr 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
access-control-allow-headers
range
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray
8c59f6085aa1ab9a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
36721
server
cloudflare
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 3E34
0
0

81549
i.liadm.com/s/ Frame 3E34
0
0

/
optimise.net/
7 KB
7 KB
Fetch
General
Full URL
https://optimise.net/?k=1&d=bleepingcomputer.com&t=desktop&c=CA&r=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
b196c5bcf7986cfbc59123846f5f29032c3e6af163f17f1f604c58b3ad64bd78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
x-lm
0

Response headers

access-control-max-age
3600
access-control-expose-headers
fs-client-rtt,fs-country
age
3
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
expires
0
fs-client-rtt
25
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 13:35:45 GMT
content-type
application/json
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
7296
fs-country
CA
log
qsearch-a.akamaihd.net/
35 B
296 B
Image
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=b627fe12-e584-47e4-912d-e5efff440dcf&cid=8CUJ8GUQF&crid=315461417|315461417|315461417|315461417|315461417&adunit_count=5&dn=www.bleepingcomputer.com&requrl=https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/&istop=true&event=client_timeout&value=5&rd=622
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.203 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 19 Sep 2024 13:35:54 GMT
Access-Control-Allow-Origin
*
Content-Length
35
Date
Thu, 19 Sep 2024 13:35:54 GMT
Content-Type
image/gif
474
a.ad.gt/api/v1/u/matches/
13 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/474?_it=freestar
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61114713a02e21f68b203212dc5c5234db262a6dd5985c04aefd5cbc2fac45e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
HIT
age
73
cross-origin-resource-policy
cross-origin
cf-ray
8c59f62afb60ab84-YYZ
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/javascript
last-modified
Thu, 19 Sep 2024 13:34:41 GMT
vary
Accept-Encoding
server
cloudflare
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.179.38 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-179-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Thu, 19 Sep 2024 13:50:55 GMT
accept-ranges
bytes
content-length
17407
date
Thu, 19 Sep 2024 13:35:55 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
sync.min.js
tags.crwdcntrl.net/lt/c/16576/
43 KB
13 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"ad78eaf46246cac6849005eb8b50ae6f"
age
9416
via
1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
jxQ7diIY1zSvdl6n3pJhK7bFQ-4f-FM3DjPyuHNQAAMrUxTCCdb8JQ==
date
Thu, 19 Sep 2024 10:58:58 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
ima.js
cdn-ima.33across.com/
16 KB
6 KB
Script
General
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
712369aef7db8ee613780ed94892762890345add2113c7749b2f03b819c0a4fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66ce363e-403e"
age
147159
cf-ray
8c59f63e6d9e39d8-YYZ
expires
Sun, 22 Sep 2024 13:35:57 GMT
date
Thu, 19 Sep 2024 13:35:57 GMT
content-type
application/javascript
last-modified
Tue, 27 Aug 2024 20:25:34 GMT
vary
Accept-Encoding
server
cloudflare
id5-api.js
cdn.id5-sync.com/api/1.0/
98 KB
29 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
827eba33ff7f627627e79285ae329f7269998b7ca965f96f2c1ee59ce7116406
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-amz-id-2
OMyh/4R5riwZgtQdTawna9iOsXwu2U8Id7T4V0CvKQZWPEZH6xyZwSU3KObS+4u8r+AYy9q/M2vtSS8OtECbxzozxzt5QtV0
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"6f43174cf2798dcd024756859322fc73"
age
2483
x-amz-request-id
T9K1F4FNTF865FM9
cf-ray
8c59f640ddcf39de-YYZ
date
Thu, 19 Sep 2024 13:35:57 GMT
content-type
text/javascript;charset=utf-8
last-modified
Mon, 16 Sep 2024 11:24:35 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
674e0580ec30c0c08da895d8e7a84f103b99d51091b012e9839c2e5db29b005c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 19 Sep 2024 13:35:48 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0

openrtb
ex.ingage.tech/v1/ Frame
0
0
Preflight
General
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
8c59f60ceb10ac09-YYZ
date
Thu, 19 Sep 2024 13:35:49 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Headers
/
optimise.net/ Frame
0
0
Preflight
General
Full URL
https://optimise.net/?k=1&d=bleepingcomputer.com&t=desktop&c=CA&r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key,x-lm
Access-Control-Request-Method
GET
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
fs-client-rtt,fs-country
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 19 Sep 2024 13:35:48 GMT
expires
0
fs-client-rtt
20
fs-country
CA
pragma
no-cache
strict-transport-security
max-age=31536000
via
1.1 google
auction
s2s.t13.io/openrtb2/
0
0

prebid
prebid.media.net/rtb/
0
0

translator
hbopenbid.pubmatic.com/
0
0

hb-multi
hb.yellowblue.io/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

prebid
ib.adnxs.com/ut/v3/
0
0

auction
tlx.3lift.com/header/
0
0

pbjs
htlb.casalemedia.com/openrtb/
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/
0
0

openrtb
ex.ingage.tech/v1/
0
0

rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/
0
0

websiteconfig
btloader.com/
Redirect Chain
  • https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896&w=
  • https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896
30 B
161 B
Fetch
General
Full URL
https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
651388948a3444f5e74d15fefeb121fa16fea72c1b4d9e60beb4bee393cf2e3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status
BYPASS
x-content-type-options
nosniff
via
1.1 google
cf-ray
8c59f614c85636ae-YYZ
access-control-allow-origin
*
content-length
30
date
Thu, 19 Sep 2024 13:35:50 GMT
content-type
text/plain; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare

Redirect headers

cache-control
public, max-age=3600, must-revalidate
location
/websiteconfig?bt_env=prod&o=5714937848528896
cf-cache-status
EXPIRED
via
1.1 google
cf-ray
8c59f60b7fd836ae-YYZ
access-control-allow-origin
*
date
Thu, 19 Sep 2024 13:35:49 GMT
content-type
text/html; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
px.gif
ad-delivery.net/
43 B
907 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
98226
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oPSXnG1fIAMeERXdSwaLjhFLu4rxgr64D%2F3fxPT2vSNgV3b3vEGdpQmB%2FMe8O%2FIbvFoX70%2BK8GAV07MXC4CAYijb70FapPERivJ0KnOtLvdP53Cen5HFsWVPqv1YP29UOg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Fri, 20 Sep 2024 13:35:55 GMT
x-goog-stored-content-length
43
date
Thu, 19 Sep 2024 13:35:55 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
ABPtcPoO8lHTf149iQY1YWi3D4zx22EAtSAz_AcGCaHZE_ooDIimXVBuIG_p1OOO9HKPZxksl_S475t5TA
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8c59f6351a27398a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
px.gif
ad-delivery.net/
43 B
326 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.9153707285696147
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
98226
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YpgfhhWWVoAyKBrdJAEjo5vdDHrv%2BPgcuug6SdICbNUPxsOCiMk84VzaC0%2FSftciNqp3YlPHHr33t8t0R4riVlUqu4HZA0INB%2BRAOx7%2F8FfhuUIH9q2VimEyEJElffzVUA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Fri, 20 Sep 2024 13:35:55 GMT
x-goog-stored-content-length
43
date
Thu, 19 Sep 2024 13:35:55 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
ABPtcPoO8lHTf149iQY1YWi3D4zx22EAtSAz_AcGCaHZE_ooDIimXVBuIG_p1OOO9HKPZxksl_S475t5TA
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8c59f6351a2a398a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
882.json
id5-sync.com/g/v2/
632 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
ed60a0533e3834db8d69b5cd9f74b081a71dc55e86900f2478197fe040895d96
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
p3p
CP="CAO PSA OUR"
date
Thu, 19 Sep 2024 13:35:49 GMT
content-type
application/json
vary
Origin
882.json
id5-sync.com/g/v2/
632 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
1be95367fe0ba2a25256c238150e2d26bc242de7e9510c058868e216520f14cf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
p3p
CP="CAO PSA OUR"
date
Thu, 19 Sep 2024 13:35:49 GMT
content-type
application/json
vary
Origin
log
qsearch-a.akamaihd.net/
35 B
296 B
Image
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=1e2c771d-3842-47a4-b801-7d0b24544c6b&cid=8CUJ8GUQF&crid=315461417&adunit_count=1&dn=www.bleepingcomputer.com&requrl=https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/&istop=true&event=client_timeout&value=1&rd=622
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.203 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 19 Sep 2024 13:35:55 GMT
Access-Control-Allow-Origin
*
Content-Length
35
Date
Thu, 19 Sep 2024 13:35:55 GMT
Content-Type
image/gif
auction
s2s.t13.io/openrtb2/
0
0

prebid
prebid.media.net/rtb/
0
0

hb-multi
hb.yellowblue.io/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

auction
tlx.3lift.com/header/
0
0

prebid
ib.adnxs.com/ut/v3/
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/
0
0

openrtb
ex.ingage.tech/v1/
0
0

pbjs
htlb.casalemedia.com/openrtb/
0
0

translator
hbopenbid.pubmatic.com/
0
0

error
pixel.quantcount.com/tag/
0
159 B
XHR
General
Full URL
https://pixel.quantcount.com/tag/error
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.228 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-length
0
date
Thu, 19 Sep 2024 13:35:50 GMT
access-control-allow-headers
Accept, Accept-Language, Content-Type, Content-Language
pixel;r=1911709829;rf=1;a=p-UeXruRVtZz7w6;url=about%3Ablank;uht=2;fpan=1;fpa=P0-1260303962-1726752948934;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;ref=;d=bleepingcomputer.com;dst=1...
pixel.quantserve.com/
35 B
456 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1911709829;rf=1;a=p-UeXruRVtZz7w6;url=about%3Ablank;uht=2;fpan=1;fpa=P0-1260303962-1726752948934;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;ref=;d=bleepingcomputer.com;dst=1;et=1726752949783;tzo=420;ogl=;ses=91a2cf35-5f40-418f-91ca-dc35640e5d84;mdl=
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=86400
cache-control
private, no-cache, no-store, proxy-revalidate
pragma
no-cache
expires
Fri, 04 Aug 1978 12:00:00 GMT
content-length
35
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date
Thu, 19 Sep 2024 13:35:55 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
content-type
image/gif
auction_end
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/
0
0

c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
674e0580ec30c0c08da895d8e7a84f103b99d51091b012e9839c2e5db29b005c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 19 Sep 2024 13:35:50 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
log
qsearch-a.akamaihd.net/
35 B
296 B
Image
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=209ca183-9427-46a0-9faf-c04ebeb1b1c0&cid=8CUJ8GUQF&crid=315461417&adunit_count=1&dn=www.bleepingcomputer.com&requrl=https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/&istop=true&event=client_timeout&value=1&rd=622
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.203 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 19 Sep 2024 13:35:55 GMT
Access-Control-Allow-Origin
*
Content-Length
35
Date
Thu, 19 Sep 2024 13:35:55 GMT
Content-Type
image/gif
ads
securepubads.g.doubleclick.net/gampad/
446 B
196 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2992154380907323&correlator=3531351860762978&eid=31086815&output=ldjh&gdfp_req=1&vrg=202409160104&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_728x90_300x250__320x100_320x50_dynamic&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C468x60%7C728x90%7C300x250%7C336x280%7C554x312&fluid=height&ifi=9&didk=1878567608&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1726752950478&lmt=1726267479&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&td=1&egid=28368&tan=158e1374-5708-45eb-a51b-13271901dcfa&tdf=2&topics=9&tps=9&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJDA5ODZlY2ExLTFlYWEtNDA5OC1iMzY4LTk4MzNmMGM5ZWZmMlgBEoYBCg5saXZlaW50ZW50LmNvbRJyNy10enIvanFQVGVybjZ2cGRHbjA3UmgrOERXSnZISmhKZkdNU3doS2l5NGlNUEZtRDBXZkFMYUFJQVE1cXZ1NmZZeHZoWGlZMzB4TEcrNjYvUmlxOHpJWnhvdzhlT1RzQThTWlRIZW1CdHpkNE1HZz09WAESZQoJeWFob28uY29tElZPOXFjVVBmSXVNUXltTmliNGJkb3JVdzN4ajc4ZGhVaWJNUEtxbGRXdXpnc2prREI0dDQ1UGgyZnpVbjZiWkhaQ09yZEQ1QjFzZVVXTDFZZjc4Y201d1gBEkYKDGF1ZGlnZW50LmNvbRI0MDAwMXl1bTBlYWw2NmlhZWFhYWY5Zjc5amllY2E5a2lpYjY5Z2JsZ2tpYWJhY2trYzJqbFgB&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1726752938400&idt=5906&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Dd2e7e572-d587-494d-a89f-a9c438e084b6%26floors_id%3D705e17%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_728x90_300x250__320x100_320x50_dynamic%26fs_ad_product%3DdynamicAd%26fs_clientservermask%3D20030300100023220011202%26amznbid%3D1%26amznp%3D1%26fsbid%3Dtimeout%26fs-auuid%3D209ca183-9427-46a0-9faf-c04ebeb1b1c0&cust_params=fsitf%3DY-NYY-YYYY-YYYYY------------------------%26fs_liveintent%3DY%26fs_session_id%3D1ca33be5-1b63-4234-b9d8-28c9235e9af3%26fs_pageview_id%3D7dfbc652479c15462af601e06e48be60%26user-agent%3DChrome%26fs_iiq_enabled%3Dtrue%26section%3Dnews%252Csecurity%26floors_user%3D1%26floors_rtt%3D19%26fs_testgroup%3Doptimised&adks=4025797488&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
9f8f24e8668d36ea11846467976fbe1e9b9817ce5407ab14b67698ea2a2fda31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
google-lineitem-id
-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 19 Sep 2024 13:35:50 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
166
x-xss-protection
0
server
cafe
auction_end
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ Frame
0
0

floors
api.floors.dev/sgw/v1/
4 KB
4 KB
Fetch
General
Full URL
https://api.floors.dev/sgw/v1/floors?d=bleepingcomputer.com&t=desktop&k=1&r=1&c=CA
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
d839e15024b54dadc296f0a8d7839a40490841f4c1f2ac14c4d8801a6c163077
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
x-lm
0

Response headers

strict-transport-security
max-age=31536000
access-control-max-age
3600
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
via
1.1 google
expires
0
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 13:35:52 GMT
cache-status
disabled
content-type
application/json
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0

floors
api.floors.dev/sgw/v1/ Frame
0
0
Preflight
General
Full URL
https://api.floors.dev/sgw/v1/floors?d=bleepingcomputer.com&t=desktop&k=1&r=1&c=CA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key,x-lm
Access-Control-Request-Method
GET
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
cache-status
disabled
content-length
0
date
Thu, 19 Sep 2024 13:35:52 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000
via
1.1 google
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0

c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
674e0580ec30c0c08da895d8e7a84f103b99d51091b012e9839c2e5db29b005c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 19 Sep 2024 13:35:50 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
674e0580ec30c0c08da895d8e7a84f103b99d51091b012e9839c2e5db29b005c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 19 Sep 2024 13:35:51 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
map
bcp.crwdcntrl.net/6/
156 B
539 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.140.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-140-218.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
9a3c499fba4036cad75d36c85a172112d5b6c0a11d9a456cea842325b1e9979d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.bleepingcomputer.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
156
date
Thu, 19 Sep 2024 13:36:01 GMT
content-type
application/json;charset=utf-8
x-server
10.40.14.122
server
Jetty(9.4.38.v20210224)
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
674e0580ec30c0c08da895d8e7a84f103b99d51091b012e9839c2e5db29b005c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 19 Sep 2024 13:35:51 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
rtd
id.hadron.ad.gt/api/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8c59f6222f13aafd-YYZ
content-length
0
content-type
application/json
date
Thu, 19 Sep 2024 13:35:52 GMT
debug
rtd-nx-ny
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8c59f6224f30aafd-YYZ
content-length
0
content-type
application/json
date
Thu, 19 Sep 2024 13:35:52 GMT
debug
rtd-nx-ny
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8c59f6225f37aafd-YYZ
content-length
0
content-type
application/json
date
Thu, 19 Sep 2024 13:35:52 GMT
debug
rtd-nx-ny
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/
27 B
85 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer

Response headers

cf-cache-status
DYNAMIC
debug
rtd-nx-ny
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8c59f6227f4eaafd-YYZ
access-control-allow-origin
*
content-length
27
date
Thu, 19 Sep 2024 13:35:52 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
*
rtd
id.hadron.ad.gt/api/v1/
27 B
82 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer

Response headers

cf-cache-status
DYNAMIC
debug
rtd-nx-ny
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8c59f6229f64aafd-YYZ
access-control-allow-origin
*
content-length
27
date
Thu, 19 Sep 2024 13:35:52 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
*
rtd
id.hadron.ad.gt/api/v1/
27 B
82 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer

Response headers

cf-cache-status
DYNAMIC
debug
rtd-nx-ny
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8c59f622cf98aafd-YYZ
access-control-allow-origin
*
content-length
27
date
Thu, 19 Sep 2024 13:35:52 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
*
rtd
id.hadron.ad.gt/api/v1/
27 B
82 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer

Response headers

cf-cache-status
DYNAMIC
debug
rtd-nx-ny
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8c59f622cf97aafd-YYZ
access-control-allow-origin
*
content-length
27
date
Thu, 19 Sep 2024 13:35:52 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
*
rtd
id.hadron.ad.gt/api/v1/
27 B
82 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer

Response headers

cf-cache-status
DYNAMIC
debug
rtd-nx-ny
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8c59f622cf99aafd-YYZ
access-control-allow-origin
*
content-length
27
date
Thu, 19 Sep 2024 13:35:52 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
*
rtd
id.hadron.ad.gt/api/v1/
27 B
82 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer

Response headers

cf-cache-status
DYNAMIC
debug
rtd-nx-ny
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8c59f622efacaafd-YYZ
access-control-allow-origin
*
content-length
27
date
Thu, 19 Sep 2024 13:35:52 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
*
rtd
id.hadron.ad.gt/api/v1/
27 B
82 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer

Response headers

cf-cache-status
DYNAMIC
debug
rtd-nx-ny
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8c59f622ffb3aafd-YYZ
access-control-allow-origin
*
content-length
27
date
Thu, 19 Sep 2024 13:35:52 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
*
auction
s2s.t13.io/openrtb2/
0
0

auction
tlx.3lift.com/header/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

bidRequest
c2shb.pubgw.yahoo.com/
0
0

prebid
ib.adnxs.com/ut/v3/
0
0
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
154.47.17.56; 154.47.17.56; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
an-x-request-uuid
bdd63506-194a-4ed7-8da5-f220c2766ebf
content-length
145
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 19 Sep 2024 13:35:52 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
translator
hbopenbid.pubmatic.com/
0
0
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:52 GMT
access-control-allow-credentials
true
hb-multi
hb.yellowblue.io/
0
0

pbjs
htlb.casalemedia.com/openrtb/
0
0

prebid
prebid.media.net/rtb/
0
0
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
Thu, 19 Sep 2024 13:35:52 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 13:35:52 GMT
content-type
application/json;charset=utf-8
server
envoy
fastlane.json
fastlane.rubiconproject.com/a/api/
0
0
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=500600&zone_id=2983354&size_id=2&alt_size_ids=1%2C19%2C43%2C44%2C55%2C117%2C221&rp_schain=1.0,1!freestar.com,412,1,,,&eid_yahoo.com=O9qcUPfIuMQymNib4bdorUw3xj78dhUibMPKqldWuzgsjkDB4t45Ph2fzUn6bZHZCOrdD5B1seUWL1Yf78cm5w%5E3&eid_criteo.com=BvtYTV9ZJTJGViUyRlRYSW12SnZwQlVIelFNdXNYRWZrSjlXTzVEaTlpYSUyQkczak50TWZONWJibXZoc3dDc2VQUm9BRm1mUld1V25YVXcwcHJXMDNkU3c1YkY3cnpKTmJmeHN4amJVYWgxelJBWFh5aUVKUSUzRA%5E1&eid_audigent.com=0001yum0eal66iaeaaaf9f79jieca9kiib69gblgkiabackkc2jl%5E1&eid_id5-sync.com=ID5*05HXXUt7s_5IZ1xOiEU7dLLp4kZ_JnoLKcrykN9GZXLGTK_spefem4bDYgb6IdXY%5E1%5E2&tpid_liveintent.com=7-tzr%2FjqPTern6vpdGn07Rh%2B8DWJvHJhJfGMSwhKiy4iMPFmD0WfALaAIAQ5qvu6fYxvhXiY30xLG%2B66%2FRiq8zIZxow8eOTsA8SZTHemBtzd4MGg%3D%3D&eid_liveintent.com=7-tzr%2FjqPTern6vpdGn07Rh%2B8DWJvHJhJfGMSwhKiy4iMPFmD0WfALaAIAQ5qvu6fYxvhXiY30xLG%2B66%2FRiq8zIZxow8eOTsA8SZTHemBtzd4MGg%3D%3D&eid_pubcid.org=0986eca1-1eaa-4098-b368-9833f0c9eff2%5E1&tpid_tdid=bc8b0835-1393-4f63-9270-2da844e8deab&eid_adserver.org=bc8b0835-1393-4f63-9270-2da844e8deab&rf=about%3Ablank&tg_v.id=0d2426b2-0065-48d3-9360-a53d168936a0&tg_i.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&tg_i.name=bleepingcomputer-com&tg_i.domain=bleepingcomputer.com&tg_i.cat=IAB19-25&tg_i.sectioncat=IAB19-25&tg_i.pagecat=IAB19-25&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=535&tg_i.fs_ad_product=stickyFooter&tg_i.pbadslot=%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky&tk_flint=pbjs_lite_v8.49.8&x_source.tid=9e67e39a-a80b-40b9-84eb-6bf9f9f3d503&l_pb_bid_id=2826f369fc3cc286&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=fca43ffe-be0e-40ae-b8a0-0a7eebc8528e&rp_maxbids=1&p_gpid=%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky&m_ch_mobile=%3F0&slots=1&rand=0.092002456180
31211
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.146.10 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:52 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
openrtb
ex.ingage.tech/v1/
0
0

c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
674e0580ec30c0c08da895d8e7a84f103b99d51091b012e9839c2e5db29b005c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 19 Sep 2024 13:35:52 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ads
securepubads.g.doubleclick.net/gampad/
435 B
191 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2992154380907323&correlator=3531351860762978&eid=31086815&output=ldjh&gdfp_req=1&vrg=202409160104&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_970x90_728x90_320x50_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x50%7C320x50%7C468x60%7C728x90%7C970x90%7C300x100%7C320x100&ifi=10&didk=2803950313&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Da6f6ec05bdf48766%3AT%3D1726752948%3ART%3D1726752948%3AS%3DALNI_MaRAncOTeub1_vYbYD3WaFefzrAbw&gpic=UID%3D00000a518c9e054b%3AT%3D1726752948%3ART%3D1726752948%3AS%3DALNI_MZvJFhvAu8MXRnrPbH64TM6FThwYg&abxe=1&dt=1726752953148&lmt=1726267479&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&td=1&egid=28368&tan=158e1374-5708-45eb-a51b-13271901dcfb&tdf=2&topics=9&tps=9&htps=10&a3p=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..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1726752938400&idt=5906&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3Dda29cf43-be84-488e-ac8f-1a81c0f20edb%26floors_id%3D3cb779%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_970x90_728x90_320x50_sticky%26fs_ad_product%3DstickyFooter%26fs_clientservermask%3D20030300100023220011202%26fsbid%3Dtimeout%26fs-auuid%3D9e67e39a-a80b-40b9-84eb-6bf9f9f3d503&cust_params=fsitf%3DY-NYY-YYYY-YYYYY------------------------%26fs_liveintent%3DY%26fs_session_id%3D1ca33be5-1b63-4234-b9d8-28c9235e9af3%26fs_pageview_id%3D7dfbc652479c15462af601e06e48be60%26user-agent%3DChrome%26fs_iiq_enabled%3Dtrue%26section%3Dnews%252Csecurity%26floors_user%3D1%26floors_rtt%3D19%26fs_testgroup%3Doptimised&adks=1085809260&frm=20
&eo_id_str=ID%3D4d6b207cf343132b%3AT%3D1726752948%3ART%3D1726752948%3AS%3DAA-AfjbVxpo1tFFGQ1ZNlq248JwM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
48c371b50d16257535224e39fa7e24daf19bee3a7c8cd7d014c836cf7a1558fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
google-lineitem-id
-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
161
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/
436 B
187 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2992154380907323&correlator=3531351860762978&eid=31086815&output=ldjh&gdfp_req=1&vrg=202409160104&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_728x90_320x50_InContent_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C554x312&fluid=height&ifi=11&didk=1410863669&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Da6f6ec05bdf48766%3AT%3D1726752948%3ART%3D1726752948%3AS%3DALNI_MaRAncOTeub1_vYbYD3WaFefzrAbw&gpic=UID%3D00000a518c9e054b%3AT%3D1726752948%3ART%3D1726752948%3AS%3DALNI_MZvJFhvAu8MXRnrPbH64TM6FThwYg&abxe=1&dt=1726752953170&lmt=1726267479&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&td=1&egid=28368&tan=158e1374-5708-45eb-a51b-13271901dcfc&tdf=2&topics=9&tps=9&htps=10&a3p=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..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1726752938400&idt=5906&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3D1c896b22-8240-4ae5-900c-64ddc729df02%26floors_id%3Dec0f7d%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_728x90_320x50_InContent_1%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fs-auuid%3Db627fe12-e584-47e4-912d-e5efff440dcf%26fsbid%3Dtimeout&cust_params=fsitf%3DY-NYY-YYYY-YYYYY------------------------%26fs_liveintent%3DY%26fs_session_id%3D1ca33be5-1b63-4234-b9d8-28c9235e9af3%26fs_pageview_id%3D7dfbc652479c15462af601e06e48be60%26user-agent%3DChrome%26fs_iiq_enabled%3Dtrue%26section%3Dnews%252Csecurity%26floors_user%3D1%26floors_rtt%3D19%26fs_testgroup%3Doptimised&adks=3006093167&frm=20&eo_id_str=ID%3D4d6b207cf343132b%3AT%3D1726752948%3ART%3D17267
52948%3AS%3DAA-AfjbVxpo1tFFGQ1ZNlq248JwM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
d22504c337c5e5d815922dac829a916f8ca3f3bf8e76cd7790bc50ed39e2d3ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
158
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/
440 B
192 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2992154380907323&correlator=3531351860762978&eid=31086815&output=ldjh&gdfp_req=1&vrg=202409160104&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_300x250_300x600_160x600_Right_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C120x600%7C160x600%7C300x600&ifi=12&didk=1679461619&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Da6f6ec05bdf48766%3AT%3D1726752948%3ART%3D1726752948%3AS%3DALNI_MaRAncOTeub1_vYbYD3WaFefzrAbw&gpic=UID%3D00000a518c9e054b%3AT%3D1726752948%3ART%3D1726752948%3AS%3DALNI_MZvJFhvAu8MXRnrPbH64TM6FThwYg&abxe=1&dt=1726752953208&lmt=1726267479&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&td=1&egid=28368&tan=158e1374-5708-45eb-a51b-13271901dcfd&tdf=2&topics=9&tps=9&htps=10&a3p=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..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1726752938400&idt=5906&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3D426e1f11-ef40-401a-86e2-f0a7776b7925%26floors_id%3D09e370%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_300x250_300x600_160x600_Right_1%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fs-auuid%3Db627fe12-e584-47e4-912d-e5efff440dcf%26fsbid%3Dtimeout&cust_params=fsitf%3DY-NYY-YYYY-YYYYY------------------------%26fs_liveintent%3DY%26fs_session_id%3D1ca33be5-1b63-4234-b9d8-28c9235e9af3%26fs_pageview_id%3D7dfbc652479c15462af601e06e48be60%26user-agent%3DChrome%26fs_iiq_enabled%3Dtrue%26section%3Dnews%252Csecurity%26floors_user%3D1%26floors_rtt%3D19%26fs_testgroup%3Doptimised&adks=1994841743&frm=20&eo_id_str=ID%3D4d6b207cf343132b%3AT%3D1726752948%3
ART%3D1726752948%3AS%3DAA-AfjbVxpo1tFFGQ1ZNlq248JwM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
8df5336eb07a097c0454f553c467db6d01c627c4779292da1119d0c1ad62def6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
google-lineitem-id
-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
162
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/
443 B
192 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2992154380907323&correlator=3531351860762978&eid=31086815&output=ldjh&gdfp_req=1&vrg=202409160104&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_300x250_300x600_160x600_Right_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C120x600%7C160x600%7C300x600&ifi=13&didk=1679461618&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Da6f6ec05bdf48766%3AT%3D1726752948%3ART%3D1726752948%3AS%3DALNI_MaRAncOTeub1_vYbYD3WaFefzrAbw&gpic=UID%3D00000a518c9e054b%3AT%3D1726752948%3ART%3D1726752948%3AS%3DALNI_MZvJFhvAu8MXRnrPbH64TM6FThwYg&abxe=1&dt=1726752953223&lmt=1726267479&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&td=1&egid=28368&tan=158e1374-5708-45eb-a51b-13271901dcfe&tdf=2&topics=9&tps=9&htps=10&a3p=ElYKDGlkNS1zeW5jLmNvbRJESUQ1KjA1SFhYVXQ3c181SVoxeE9pRVU3ZExMcDRrWl9Kbm9MS2NyeWtOOUdaWExHVEtfc3BlZmVtNGJEWWdiNklkWFlYARI0CgpwdWJjaWQub3JnEiQwOTg2ZWNhMS0xZWFhLTQwOTgtYjM2OC05ODMzZjBjOWVmZjJYARKGAQoObGl2ZWludGVudC5jb20ScjctdHpyL2pxUFRlcm42dnBkR24wN1JoKzhEV0p2SEpoSmZHTVN3aEtpeTRpTVBGbUQwV2ZBTGFBSUFRNXF2dTZmWXh2aFhpWTMweExHKzY2L1JpcTh6SVp4b3c4ZU9Uc0E4U1pUSGVtQnR6ZDRNR2c9PVgBEmUKCXlhaG9vLmNvbRJWTzlxY1VQZkl1TVF5bU5pYjRiZG9yVXczeGo3OGRoVWliTVBLcWxkV3V6Z3Nqa0RCNHQ0NVBoMmZ6VW42YlpIWkNPcmRENUIxc2VVV0wxWWY3OGNtNXdYARJGCgxhdWRpZ2VudC5jb20SNDAwMDF5dW0wZWFsNjZpYWVhYWFmOWY3OWppZWNhOWtpaWI2OWdibGdraWFiYWNra2MyamxYAQ..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1726752938400&idt=5906&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3D6f3aa4bd-410a-4749-9a37-010e49d4f41c%26floors_id%3Dea45d7%26floors_hour%3D13%26fs_placementName%3Dbleepingcompute
r_300x250_300x600_160x600_Right_2%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fs-auuid%3Db627fe12-e584-47e4-912d-e5efff440dcf%26fsbid%3Dtimeout&cust_params=fsitf%3DY-NYY-YYYY-YYYYY------------------------%26fs_liveintent%3DY%26fs_session_id%3D1ca33be5-1b63-4234-b9d8-28c9235e9af3%26fs_pageview_id%3D7dfbc652479c15462af601e06e48be60%26user-agent%3DChrome%26fs_iiq_enabled%3Dtrue%26section%3Dnews%252Csecurity%26floors_user%3D1%26floors_rtt%3D19%26fs_testgroup%3Doptimised&adks=1512476352&frm=20&eo_id_str=ID%3D4d6b207cf343132b%3AT%3D1726752948%3ART%3D1726752948%3AS%3DAA-AfjbVxpo1tFFGQ1ZNlq248JwM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
b2df091bc964f1304f74f7d02c4ea35c589affced36575078e8b2de01b394091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
163
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/
440 B
191 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2992154380907323&correlator=3531351860762978&eid=31086815&output=ldjh&gdfp_req=1&vrg=202409160104&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C120x600%7C160x600%7C300x600&ifi=14&didk=1679461617&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Da6f6ec05bdf48766%3AT%3D1726752948%3ART%3D1726752948%3AS%3DALNI_MaRAncOTeub1_vYbYD3WaFefzrAbw&gpic=UID%3D00000a518c9e054b%3AT%3D1726752948%3ART%3D1726752948%3AS%3DALNI_MZvJFhvAu8MXRnrPbH64TM6FThwYg&abxe=1&dt=1726752953234&lmt=1726267479&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&td=1&egid=28368&tan=158e1374-5708-45eb-a51b-13271901dcff&tdf=2&topics=9&tps=9&htps=10&a3p=ElYKDGlkNS1zeW5jLmNvbRJESUQ1KjA1SFhYVXQ3c181SVoxeE9pRVU3ZExMcDRrWl9Kbm9MS2NyeWtOOUdaWExHVEtfc3BlZmVtNGJEWWdiNklkWFlYARI0CgpwdWJjaWQub3JnEiQwOTg2ZWNhMS0xZWFhLTQwOTgtYjM2OC05ODMzZjBjOWVmZjJYARKGAQoObGl2ZWludGVudC5jb20ScjctdHpyL2pxUFRlcm42dnBkR24wN1JoKzhEV0p2SEpoSmZHTVN3aEtpeTRpTVBGbUQwV2ZBTGFBSUFRNXF2dTZmWXh2aFhpWTMweExHKzY2L1JpcTh6SVp4b3c4ZU9Uc0E4U1pUSGVtQnR6ZDRNR2c9PVgBEmUKCXlhaG9vLmNvbRJWTzlxY1VQZkl1TVF5bU5pYjRiZG9yVXczeGo3OGRoVWliTVBLcWxkV3V6Z3Nqa0RCNHQ0NVBoMmZ6VW42YlpIWkNPcmRENUIxc2VVV0wxWWY3OGNtNXdYARJGCgxhdWRpZ2VudC5jb20SNDAwMDF5dW0wZWFsNjZpYWVhYWFmOWY3OWppZWNhOWtpaWI2OWdibGdraWFiYWNra2MyamxYAQ..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1726752938400&idt=5906&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3D8041b3d7-9bde-4fb2-b557-cdecd22ec8e6%26floors_id%3D177884%26floors_hour%3D13%26fs_placementName%3Dbleepingcompute
r_300x250_300x600_160x600_Right_3%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fs-auuid%3Db627fe12-e584-47e4-912d-e5efff440dcf%26fsbid%3Dtimeout&cust_params=fsitf%3DY-NYY-YYYY-YYYYY------------------------%26fs_liveintent%3DY%26fs_session_id%3D1ca33be5-1b63-4234-b9d8-28c9235e9af3%26fs_pageview_id%3D7dfbc652479c15462af601e06e48be60%26user-agent%3DChrome%26fs_iiq_enabled%3Dtrue%26section%3Dnews%252Csecurity%26floors_user%3D1%26floors_rtt%3D19%26fs_testgroup%3Doptimised&adks=3569010014&frm=20&eo_id_str=ID%3D4d6b207cf343132b%3AT%3D1726752948%3ART%3D1726752948%3AS%3DAA-AfjbVxpo1tFFGQ1ZNlq248JwM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
f0e9f6a1794eb6ffdc3753e9b24cf41c77b50c91821b5b4da1ebb9c84cd3e38d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
google-lineitem-id
-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
161
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/
440 B
191 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2992154380907323&correlator=3531351860762978&eid=31086815&output=ldjh&gdfp_req=1&vrg=202409160104&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C554x312&fluid=height&ifi=15&didk=2757140747&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Da6f6ec05bdf48766%3AT%3D1726752948%3ART%3D1726752948%3AS%3DALNI_MaRAncOTeub1_vYbYD3WaFefzrAbw&gpic=UID%3D00000a518c9e054b%3AT%3D1726752948%3ART%3D1726752948%3AS%3DALNI_MZvJFhvAu8MXRnrPbH64TM6FThwYg&abxe=1&dt=1726752953248&lmt=1726267479&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&td=1&egid=28368&tan=158e1374-5708-45eb-a51b-13271901dd00&tdf=2&topics=9&tps=9&htps=10&a3p=..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1726752938400&idt=5906&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3Df5b0f11b-b654-400b-9ca6-38979d002489%26floors_id%3Dad1a00%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_728x90_970x90_970x250_320x50_BTF%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fs-auuid%3Db627fe12-e584-47e4-912d-e5efff440dcf%26fsbid%3Dtimeout&cust_params=fsitf%3DY-NYY-YYYY-YYYYY------------------------%26fs_liveintent%3DY%26fs_session_id%3D1ca33be5-1b63-4234-b9d8-28c9235e9af3%26fs_pageview_id%3D7dfbc652479c15462af601e06e48be60%26user-agent%3DChrome%26fs_iiq_enabled%3Dtrue%26section%3Dnews%252Csecurity%26floors_user%3D1%26floors_rtt%3D19%26fs_testgroup%3Doptimised&adks=4003487347&frm=20&eo_id_str=ID%3D4d6b207cf343132b%3AT%3D1726752948%3ART%3D1726752948%3AS%3DAA-AfjbVxpo1tFFGQ1ZNlq248JwM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
ad64b4fb67e37febde93abab1727fe57ff021461d933f7a4324592775610cdd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
google-lineitem-id
-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
161
x-xss-protection
0
server
cafe
log
qsearch-a.akamaihd.net/
35 B
296 B
Image
General
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=9e67e39a-a80b-40b9-84eb-6bf9f9f3d503&cid=8CUJ8GUQF&crid=315461417&adunit_count=1&dn=www.bleepingcomputer.com&requrl=https://www.bleepingcomputer.com/news/security/malware-locks-browser-in-kiosk-mode-to-steal-google-credentials/&istop=true&event=client_timeout&value=1&rd=622
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.203 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 19 Sep 2024 13:35:55 GMT
Access-Control-Allow-Origin
*
Content-Length
35
Date
Thu, 19 Sep 2024 13:35:55 GMT
Content-Type
image/gif
auction
s2s.t13.io/openrtb2/
6 KB
2 KB
Fetch
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
0067811c92066b0cd35e2e0177de7acc358b88486406e1160f579dc3661e9cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
0
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2299
date
Thu, 19 Sep 2024 13:35:53 GMT
x-prebid
pbs-java/2.15.0
content-type
application/json
openrtb
ex.ingage.tech/v1/
2 KB
899 B
Fetch
General
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
259e6141ae8281568d8a7d2bdf0ba25dbb6022044b5da07e2cfe41da308c906e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8c59f6280c6bac03-YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
auction
tlx.3lift.com/header/
19 B
1 KB
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.8&referrer=about%3Ablank&tmax=622
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.222.148.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-148-106.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
pbjs
htlb.casalemedia.com/openrtb/
38 B
637 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=393562
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa326a729a213ec85de0b40867e75ba204b16a7449009da14b6e253813673227

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FYrKBspg5kGQQCDfAMs3RaR7p%2FAxwCE9YImFAjLLftdh6BVgE9BYcoTdRNb%2FQuF%2BuYD7Zne0XXn7QuCclIQi4xcUlL57m1EhZNFuVfx7hg0ZenCREwCgMmjEaFSvc4iq7b%2Fs2vKX"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8c59f627fe68abac-YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
38
server
cloudflare
translator
hbopenbid.pubmatic.com/
0
64 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:53 GMT
access-control-allow-credentials
true
hb-multi
hb.yellowblue.io/
84 B
636 B
Fetch
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-91.ewr53.r.cloudfront.net
Software
istio-envoy /
Resource Hash
6079032a34fc3bb4307c908d23d3874664c3eb96f4d2abaa8a55849baa382138

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
126
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.bleepingcomputer.com
x-cache
Miss from cloudfront
content-length
109
x-amz-cf-id
9iWqCK4-9jqr6dgpySMB1WYEFhDso1xDjuLgs-wA-5a5mTykfrDjUw==
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
x-amz-cf-pop
EWR53-P1
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
prebid
prebid.media.net/rtb/
56 B
228 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
Thu, 19 Sep 2024 13:35:53 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json;charset=utf-8
server
envoy
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
12a73c3d400a9f3cca5c54ba668bd79cdc6fa95168e6a412505441f6851b77b4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
154.47.17.56; 154.47.17.56; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
an-x-request-uuid
f5bc7650-d3b9-45bc-8de2-dd6cb6447a22
content-length
145
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 19 Sep 2024 13:35:53 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
fastlane.json
fastlane.rubiconproject.com/a/api/
725 B
759 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=500600&zone_id=2983354&size_id=2&rp_schain=1.0,1!freestar.com,412,1,,,&eid_yahoo.com=O9qcUPfIuMQymNib4bdorUw3xj78dhUibMPKqldWuzgsjkDB4t45Ph2fzUn6bZHZCOrdD5B1seUWL1Yf78cm5w%5E3&eid_criteo.com=BvtYTV9ZJTJGViUyRlRYSW12SnZwQlVIelFNdXNYRWZrSjlXTzVEaTlpYSUyQkczak50TWZONWJibXZoc3dDc2VQUm9BRm1mUld1V25YVXcwcHJXMDNkU3c1YkY3cnpKTmJmeHN4amJVYWgxelJBWFh5aUVKUSUzRA%5E1&eid_audigent.com=0001yum0eal66iaeaaaf9f79jieca9kiib69gblgkiabackkc2jl%5E1&eid_id5-sync.com=ID5*05HXXUt7s_5IZ1xOiEU7dLLp4kZ_JnoLKcrykN9GZXLGTK_spefem4bDYgb6IdXY%5E1%5E2&tpid_liveintent.com=7-tzr%2FjqPTern6vpdGn07Rh%2B8DWJvHJhJfGMSwhKiy4iMPFmD0WfALaAIAQ5qvu6fYxvhXiY30xLG%2B66%2FRiq8zIZxow8eOTsA8SZTHemBtzd4MGg%3D%3D&eid_liveintent.com=7-tzr%2FjqPTern6vpdGn07Rh%2B8DWJvHJhJfGMSwhKiy4iMPFmD0WfALaAIAQ5qvu6fYxvhXiY30xLG%2B66%2FRiq8zIZxow8eOTsA8SZTHemBtzd4MGg%3D%3D&eid_pubcid.org=0986eca1-1eaa-4098-b368-9833f0c9eff2%5E1&tpid_tdid=bc8b0835-1393-4f63-9270-2da844e8deab&eid_adserver.org=bc8b0835-1393-4f63-9270-2da844e8deab&rf=about%3Ablank&tg_v.id=0d2426b2-0065-48d3-9360-a53d168936a0&tg_i.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&tg_i.name=bleepingcomputer-com&tg_i.domain=bleepingcomputer.com&tg_i.cat=IAB19-25&tg_i.sectioncat=IAB19-25&tg_i.pagecat=IAB19-25&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=535&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%2Fbleepingcomputer_728x90_320x50_InContent_1&tk_flint=pbjs_lite_v8.49.8&x_source.tid=d2b6cc8e-87e9-4111-9bc7-87a356f35137&l_pb_bid_id=3187c6f5febce1d7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=e0a77af2-aeb9-4a08-8747-ddad0effb6a9&rp_maxbids=1&p_gpid=%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%2Fbleepingcomputer_728x90_320x50_InContent_1&m_ch_mobile=%3F0&slots=1&rand=0.5004456251618981
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.146.10 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fcdd66efbeb3c2658c491d42252d0b54d67205278dc3b35da08202e26242f154

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
725
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
bidRequest
c2shb.pubgw.yahoo.com/
66 B
406 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.36.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-36-18.compute-1.amazonaws.com
Software
/
Resource Hash
4d6af3a1417c69ce6db32b62baca8e6bdf714128ff4976dbd249cc8d09763887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
66
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
auction
s2s.t13.io/openrtb2/
1 KB
416 B
Fetch
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
7e6b39027b698d3bbccb6ae1edbca164680a232ddb4fe56a3bf9558cf7951e4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
0
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
354
date
Thu, 19 Sep 2024 13:35:53 GMT
x-prebid
pbs-java/2.15.0
content-type
application/json
translator
hbopenbid.pubmatic.com/
0
64 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:53 GMT
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
762 B
820 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=500600&zone_id=2983354&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!freestar.com,412,1,,,&eid_yahoo.com=O9qcUPfIuMQymNib4bdorUw3xj78dhUibMPKqldWuzgsjkDB4t45Ph2fzUn6bZHZCOrdD5B1seUWL1Yf78cm5w%5E3&eid_criteo.com=BvtYTV9ZJTJGViUyRlRYSW12SnZwQlVIelFNdXNYRWZrSjlXTzVEaTlpYSUyQkczak50TWZONWJibXZoc3dDc2VQUm9BRm1mUld1V25YVXcwcHJXMDNkU3c1YkY3cnpKTmJmeHN4amJVYWgxelJBWFh5aUVKUSUzRA%5E1&eid_audigent.com=0001yum0eal66iaeaaaf9f79jieca9kiib69gblgkiabackkc2jl%5E1&eid_id5-sync.com=ID5*05HXXUt7s_5IZ1xOiEU7dLLp4kZ_JnoLKcrykN9GZXLGTK_spefem4bDYgb6IdXY%5E1%5E2&tpid_liveintent.com=7-tzr%2FjqPTern6vpdGn07Rh%2B8DWJvHJhJfGMSwhKiy4iMPFmD0WfALaAIAQ5qvu6fYxvhXiY30xLG%2B66%2FRiq8zIZxow8eOTsA8SZTHemBtzd4MGg%3D%3D&eid_liveintent.com=7-tzr%2FjqPTern6vpdGn07Rh%2B8DWJvHJhJfGMSwhKiy4iMPFmD0WfALaAIAQ5qvu6fYxvhXiY30xLG%2B66%2FRiq8zIZxow8eOTsA8SZTHemBtzd4MGg%3D%3D&eid_pubcid.org=0986eca1-1eaa-4098-b368-9833f0c9eff2%5E1&tpid_tdid=bc8b0835-1393-4f63-9270-2da844e8deab&eid_adserver.org=bc8b0835-1393-4f63-9270-2da844e8deab&rf=about%3Ablank&tg_v.id=0d2426b2-0065-48d3-9360-a53d168936a0&tg_i.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&tg_i.name=bleepingcomputer-com&tg_i.domain=bleepingcomputer.com&tg_i.cat=IAB19-25&tg_i.sectioncat=IAB19-25&tg_i.pagecat=IAB19-25&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=535&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_1%2Fbleepingcomputer_300x250_300x600_160x600_Right_1&tk_flint=pbjs_lite_v8.49.8&x_source.tid=6651099b-ba65-4da2-bad8-3f61f9c957c3&l_pb_bid_id=338995347bffa88b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=a7269385-2b77-4cd8-b26e-b2d91bcfc948&rp_maxbids=1&p_gpid=%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_1%2Fbleepingcomputer_300x250_300x600_160x600_Right_1&m_ch_mobile=%3F0&slots=1&rand=0.5857055903885506
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.146.10 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
245aa16215b3d12fe00d7fe2eadbbaece445b471b108bdb16401e1816fecf40a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
762
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
pbjs
htlb.casalemedia.com/openrtb/
6 KB
3 KB
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=393562
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a32df83a352b59d8d913d60ffdc673406a00386435ceaaabbcba84c50d8b5ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PNnOC4Qv9yvcmIGhYRGGkvh7mymK16DosPn%2FO9rkSSFyQ0DQUTe3EEiM8uxs8y0JmkQMF%2FnKl2FDj5L6%2BF71NDKs1HFYpxP%2FqLKuZzapsF9zeDr0Qm1hsuqiBHyxtdVVAiSYM6Fg"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8c59f6280e6eabac-YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
2777
server
cloudflare
auction
tlx.3lift.com/header/
19 B
1 KB
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.8&referrer=about%3Ablank&tmax=622
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.222.148.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-148-106.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
x-auction-status
29, 29, 29
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
prebid
prebid.media.net/rtb/
56 B
207 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time
5
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
Thu, 19 Sep 2024 13:35:53 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json;charset=utf-8
server
envoy
prebid
ib.adnxs.com/ut/v3/
139 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
d5cfef5ef879f7462b1bc42b4141c3d762e24578c1dc5327113e10bf446534ab
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
154.47.17.56; 154.47.17.56; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
an-x-request-uuid
9bc2dfc3-5a62-4cf4-a691-e0b87baa71a7
content-length
139
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 19 Sep 2024 13:35:53 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
hb-multi
hb.yellowblue.io/
84 B
636 B
Fetch
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-91.ewr53.r.cloudfront.net
Software
istio-envoy /
Resource Hash
f410b49132f202d22286d5539d87d550fbbd674e3463eaab28368a78de04e272

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
235
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.bleepingcomputer.com
x-cache
Miss from cloudfront
content-length
109
x-amz-cf-id
wBq599LWIiteQAiabSBb5nl8eH5rBjBy84KWLHVauLViR_6qoNme6Q==
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
x-amz-cf-pop
EWR53-P1
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
bidRequest
c2shb.pubgw.yahoo.com/
66 B
406 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.36.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-36-18.compute-1.amazonaws.com
Software
/
Resource Hash
a4c98f9e18a307396b770355dfda6afb7cedc6fbb757b8a2eae3d8fe4a0e2538
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
66
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/
66 B
406 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.36.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-36-18.compute-1.amazonaws.com
Software
/
Resource Hash
0763ee5900979bc51a5fc48b08901974a4cab27cf54d5d1e882f6bb763da6275
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
66
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/
66 B
406 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.36.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-36-18.compute-1.amazonaws.com
Software
/
Resource Hash
9754983fb392b18c37ac4718abbdff1fcff864ae54fe07f3d6c04041d0322b1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
66
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
openrtb
ex.ingage.tech/v1/
2 KB
875 B
Fetch
General
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1680f7aecf89041b400c8d2d56a7445eb903077bb03c351119ebbfd1bf2b4461

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8c59f6281c85ac03-YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
auction_end
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ Frame
0
0

auction_end
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/
0
0

auction
s2s.t13.io/openrtb2/
1 KB
417 B
Fetch
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
ec44b66c1e7bcb79184a0edeceaa868b6be009acda10a3cf384936199f1caeec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
0
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
395
date
Thu, 19 Sep 2024 13:35:53 GMT
x-prebid
pbs-java/2.15.0
content-type
application/json
hb-multi
hb.yellowblue.io/
84 B
636 B
Fetch
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-91.ewr53.r.cloudfront.net
Software
istio-envoy /
Resource Hash
1a4a991f1f416a068a8c6f033bb67d93367811314cd34ce4bd6ded15aaf57634

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.bleepingcomputer.com
x-cache
Miss from cloudfront
content-length
109
x-amz-cf-id
lAkRxfFxzIeHGX8CZCfqEfWICD1r4R2C97qNgjpQxh7oXhntkP3HdQ==
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
x-amz-cf-pop
EWR53-P1
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
fastlane.json
fastlane.rubiconproject.com/a/api/
762 B
796 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=500600&zone_id=2983354&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!freestar.com,412,1,,,&eid_yahoo.com=O9qcUPfIuMQymNib4bdorUw3xj78dhUibMPKqldWuzgsjkDB4t45Ph2fzUn6bZHZCOrdD5B1seUWL1Yf78cm5w%5E3&eid_criteo.com=BvtYTV9ZJTJGViUyRlRYSW12SnZwQlVIelFNdXNYRWZrSjlXTzVEaTlpYSUyQkczak50TWZONWJibXZoc3dDc2VQUm9BRm1mUld1V25YVXcwcHJXMDNkU3c1YkY3cnpKTmJmeHN4amJVYWgxelJBWFh5aUVKUSUzRA%5E1&eid_audigent.com=0001yum0eal66iaeaaaf9f79jieca9kiib69gblgkiabackkc2jl%5E1&eid_id5-sync.com=ID5*05HXXUt7s_5IZ1xOiEU7dLLp4kZ_JnoLKcrykN9GZXLGTK_spefem4bDYgb6IdXY%5E1%5E2&tpid_liveintent.com=7-tzr%2FjqPTern6vpdGn07Rh%2B8DWJvHJhJfGMSwhKiy4iMPFmD0WfALaAIAQ5qvu6fYxvhXiY30xLG%2B66%2FRiq8zIZxow8eOTsA8SZTHemBtzd4MGg%3D%3D&eid_liveintent.com=7-tzr%2FjqPTern6vpdGn07Rh%2B8DWJvHJhJfGMSwhKiy4iMPFmD0WfALaAIAQ5qvu6fYxvhXiY30xLG%2B66%2FRiq8zIZxow8eOTsA8SZTHemBtzd4MGg%3D%3D&eid_pubcid.org=0986eca1-1eaa-4098-b368-9833f0c9eff2%5E1&tpid_tdid=bc8b0835-1393-4f63-9270-2da844e8deab&eid_adserver.org=bc8b0835-1393-4f63-9270-2da844e8deab&rf=about%3Ablank&tg_v.id=0d2426b2-0065-48d3-9360-a53d168936a0&tg_i.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&tg_i.name=bleepingcomputer-com&tg_i.domain=bleepingcomputer.com&tg_i.cat=IAB19-25&tg_i.sectioncat=IAB19-25&tg_i.pagecat=IAB19-25&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=535&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%2Fbleepingcomputer_300x250_300x600_160x600_Right_2&tk_flint=pbjs_lite_v8.49.8&x_source.tid=4cfc6cae-2fce-431a-a2ca-4fb958e9c5bf&l_pb_bid_id=379c9fd98fd77a1b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=4d3d417e-7692-446e-974a-8ff63624be8c&rp_maxbids=1&p_gpid=%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%2Fbleepingcomputer_300x250_300x600_160x600_Right_2&m_ch_mobile=%3F0&slots=1&rand=0.6075581292078112
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.146.10 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a52d20b0d83f196bf9138f8fb259e645d6c231b53ecd7699a072d96f552dbb74

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
762
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
openrtb
ex.ingage.tech/v1/
2 KB
872 B
Fetch
General
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85ec946c0796cb02a72e12bd6a9b4178e39938cd2769d53fd672e7b315004bff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8c59f6297e76ac03-YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
pbjs
htlb.casalemedia.com/openrtb/
37 B
634 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=393562
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14d2ff72771529c3d062b19bab3abe37dd3fb8830e453f5592092a6409acb32b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=haSEkxINHT61xJO8usY10PHy22Z9WfeesXVmdxm7bOTAmCBJvq4B7FWY8pFa4k7Vu08w2rD9nQbfJG1RUENCMY4txl%2B3ZOxGNbWM8HKczNN8XIHgr3MUeEhmnS%2FV3zVuc%2FEC9LYH"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8c59f6297fbfabac-YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
37
server
cloudflare
prebid
prebid.media.net/rtb/
56 B
93 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time
6
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
Thu, 19 Sep 2024 13:35:53 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json;charset=utf-8
server
envoy
auction
tlx.3lift.com/header/
19 B
1 KB
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.8&referrer=about%3Ablank&tmax=622
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.222.148.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-148-106.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
x-auction-status
29, 29, 29
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
translator
hbopenbid.pubmatic.com/
0
64 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:53 GMT
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
c69e47e532d2804bea4a11078896f89a9aec5ab65a1de13ea4f755ea8565f936
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
154.47.17.56; 154.47.17.56; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
an-x-request-uuid
f6a07870-b718-4504-b5c4-fc8640c4168b
content-length
145
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 19 Sep 2024 13:35:53 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
bidRequest
c2shb.pubgw.yahoo.com/
66 B
406 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.36.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-36-18.compute-1.amazonaws.com
Software
/
Resource Hash
7fe515546216c323743f71ef37c636b95590b4367c24f89cb97751b2267147c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
66
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/
66 B
406 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.36.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-36-18.compute-1.amazonaws.com
Software
/
Resource Hash
cbc365ace808a90df979334a46bfbd9ad8b7d9867e001e69699231c7a0966cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
66
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/
66 B
406 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.36.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-36-18.compute-1.amazonaws.com
Software
/
Resource Hash
a22349db0e4eaef73c148bab59629601f0c6b94c55213e161cf002d614b63b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
66
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
map
bcp.crwdcntrl.net/6/
156 B
539 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.217.140.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-140-218.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a6d4cb9a0aab64b437ebc30dd0616a1433d50abc6519427d9287824ec335015d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.bleepingcomputer.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
156
date
Thu, 19 Sep 2024 13:36:01 GMT
content-type
application/json;charset=utf-8
x-server
10.40.51.23
server
Jetty(9.4.38.v20210224)
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
674e0580ec30c0c08da895d8e7a84f103b99d51091b012e9839c2e5db29b005c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
auction
s2s.t13.io/openrtb2/
1 KB
372 B
Fetch
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
9386205f7e28b89d73376bfa985ed5c2c257f383bc9249001f65348ceedd7801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
0
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
350
date
Thu, 19 Sep 2024 13:35:54 GMT
x-prebid
pbs-java/2.15.0
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/
762 B
796 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=500600&zone_id=2983354&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!freestar.com,412,1,,,&eid_yahoo.com=O9qcUPfIuMQymNib4bdorUw3xj78dhUibMPKqldWuzgsjkDB4t45Ph2fzUn6bZHZCOrdD5B1seUWL1Yf78cm5w%5E3&eid_criteo.com=BvtYTV9ZJTJGViUyRlRYSW12SnZwQlVIelFNdXNYRWZrSjlXTzVEaTlpYSUyQkczak50TWZONWJibXZoc3dDc2VQUm9BRm1mUld1V25YVXcwcHJXMDNkU3c1YkY3cnpKTmJmeHN4amJVYWgxelJBWFh5aUVKUSUzRA%5E1&eid_audigent.com=0001yum0eal66iaeaaaf9f79jieca9kiib69gblgkiabackkc2jl%5E1&eid_id5-sync.com=ID5*05HXXUt7s_5IZ1xOiEU7dLLp4kZ_JnoLKcrykN9GZXLGTK_spefem4bDYgb6IdXY%5E1%5E2&tpid_liveintent.com=7-tzr%2FjqPTern6vpdGn07Rh%2B8DWJvHJhJfGMSwhKiy4iMPFmD0WfALaAIAQ5qvu6fYxvhXiY30xLG%2B66%2FRiq8zIZxow8eOTsA8SZTHemBtzd4MGg%3D%3D&eid_liveintent.com=7-tzr%2FjqPTern6vpdGn07Rh%2B8DWJvHJhJfGMSwhKiy4iMPFmD0WfALaAIAQ5qvu6fYxvhXiY30xLG%2B66%2FRiq8zIZxow8eOTsA8SZTHemBtzd4MGg%3D%3D&eid_pubcid.org=0986eca1-1eaa-4098-b368-9833f0c9eff2%5E1&tpid_tdid=bc8b0835-1393-4f63-9270-2da844e8deab&eid_adserver.org=bc8b0835-1393-4f63-9270-2da844e8deab&rf=about%3Ablank&tg_v.id=0d2426b2-0065-48d3-9360-a53d168936a0&tg_i.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&tg_i.name=bleepingcomputer-com&tg_i.domain=bleepingcomputer.com&tg_i.cat=IAB19-25&tg_i.sectioncat=IAB19-25&tg_i.pagecat=IAB19-25&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=535&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%2Fbleepingcomputer_300x250_300x600_160x600_Right_3&tk_flint=pbjs_lite_v8.49.8&x_source.tid=6f30afa0-e3aa-4e88-9925-541130776b1a&l_pb_bid_id=416ea3768f47285d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=0010deae-4ef6-43e2-8e2e-808176907656&rp_maxbids=1&p_gpid=%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%2Fbleepingcomputer_300x250_300x600_160x600_Right_3&m_ch_mobile=%3F0&slots=1&rand=0.4289984640072755
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.146.10 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0a9d0a88f1527d53cb25a280c4419ef9a4ab5d3bfc60348a2209a52b75523eda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
762
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
hb-multi
hb.yellowblue.io/
84 B
637 B
Fetch
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-91.ewr53.r.cloudfront.net
Software
istio-envoy /
Resource Hash
393046f02647b1a0e07e367dbb68e334e00466b9950589082c8baf7d3a45bddc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
51
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.bleepingcomputer.com
x-cache
Miss from cloudfront
content-length
109
x-amz-cf-id
_oJYv9jyIk3rgxiaig23mE8gf5PWNpCEswMTZbW4LM96ZMvNOIFOXA==
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json
x-amz-cf-pop
EWR53-P1
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
pbjs
htlb.casalemedia.com/openrtb/
38 B
637 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=393562
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4326e6ba93b30cfec2341bc2cfbc3b718e6d32497c9cb9dfcf70a28e36b6c190

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5QQjzysYYmXp0XBOQXehCE1haDVeEUKXBb%2FI0E%2B0zeYLtpI2en3upeW9HTzS5MmeIuFjastVE5FHTB8q8TQxtPLhHKA%2FiQz8TNfQ0GVKA0VJH%2FSKItm5PiORmNSyckZP3LQ2n%2Bw1"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8c59f62a1869abac-YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
38
server
cloudflare
auction
tlx.3lift.com/header/
19 B
1 KB
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.8&referrer=about%3Ablank&tmax=622
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.222.148.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-148-106.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
x-auction-status
29, 29, 29
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
openrtb
ex.ingage.tech/v1/
2 KB
898 B
Fetch
General
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c14cbb599f38c738cdb008be9f46c31d1e9ff2b1a86f89566c13b0cf75ed62f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8c59f62a2f63ac03-YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
translator
hbopenbid.pubmatic.com/
0
64 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:53 GMT
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/
56 B
93 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time
33
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
Thu, 19 Sep 2024 13:35:53 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json;charset=utf-8
server
envoy
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
9cc94054f28eb67bc4bc313a1d9707399b89776b32c415976c69002d32ef2561
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
154.47.17.56; 154.47.17.56; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
an-x-request-uuid
e0000c31-6d51-4197-8dc4-282a652c2a52
content-length
145
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 19 Sep 2024 13:35:53 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
bidRequest
c2shb.pubgw.yahoo.com/
66 B
406 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.36.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-36-18.compute-1.amazonaws.com
Software
/
Resource Hash
5a587cd3295b48e3dd9a73e72633582c52e615a5cf74a3f76a030e9de0572602
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
66
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/
66 B
406 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.36.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-36-18.compute-1.amazonaws.com
Software
/
Resource Hash
7042a4a56ea0372f5a3a66c49a7a4c1ef3be929725f8bb752a1dedcdbfae3319
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
66
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/
66 B
406 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.36.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-36-18.compute-1.amazonaws.com
Software
/
Resource Hash
f5debb6b575243b05b1ecc160f08827157e1a964ccba809f9f58cdec984d9d95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
66
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
sync
x.bidswitch.net/
43 B
93 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.202.130 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
130.202.211.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
image/gif
auction
s2s.t13.io/openrtb2/
1 KB
375 B
Fetch
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e30d1c4597f21c56dc54cf4db5ec07d3c33b2aee68982b162475b46e295684d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
0
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
353
date
Thu, 19 Sep 2024 13:35:54 GMT
x-prebid
pbs-java/2.15.0
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/
762 B
820 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=500600&zone_id=2983354&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!freestar.com,412,1,,,&eid_yahoo.com=O9qcUPfIuMQymNib4bdorUw3xj78dhUibMPKqldWuzgsjkDB4t45Ph2fzUn6bZHZCOrdD5B1seUWL1Yf78cm5w%5E3&eid_criteo.com=BvtYTV9ZJTJGViUyRlRYSW12SnZwQlVIelFNdXNYRWZrSjlXTzVEaTlpYSUyQkczak50TWZONWJibXZoc3dDc2VQUm9BRm1mUld1V25YVXcwcHJXMDNkU3c1YkY3cnpKTmJmeHN4amJVYWgxelJBWFh5aUVKUSUzRA%5E1&eid_audigent.com=0001yum0eal66iaeaaaf9f79jieca9kiib69gblgkiabackkc2jl%5E1&eid_id5-sync.com=ID5*05HXXUt7s_5IZ1xOiEU7dLLp4kZ_JnoLKcrykN9GZXLGTK_spefem4bDYgb6IdXY%5E1%5E2&tpid_liveintent.com=7-tzr%2FjqPTern6vpdGn07Rh%2B8DWJvHJhJfGMSwhKiy4iMPFmD0WfALaAIAQ5qvu6fYxvhXiY30xLG%2B66%2FRiq8zIZxow8eOTsA8SZTHemBtzd4MGg%3D%3D&eid_liveintent.com=7-tzr%2FjqPTern6vpdGn07Rh%2B8DWJvHJhJfGMSwhKiy4iMPFmD0WfALaAIAQ5qvu6fYxvhXiY30xLG%2B66%2FRiq8zIZxow8eOTsA8SZTHemBtzd4MGg%3D%3D&eid_pubcid.org=0986eca1-1eaa-4098-b368-9833f0c9eff2%5E1&tpid_tdid=bc8b0835-1393-4f63-9270-2da844e8deab&eid_adserver.org=bc8b0835-1393-4f63-9270-2da844e8deab&rf=about%3Ablank&tg_v.id=0d2426b2-0065-48d3-9360-a53d168936a0&tg_i.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&tg_i.name=bleepingcomputer-com&tg_i.domain=bleepingcomputer.com&tg_i.cat=IAB19-25&tg_i.sectioncat=IAB19-25&tg_i.pagecat=IAB19-25&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=535&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF&tk_flint=pbjs_lite_v8.49.8&x_source.tid=80337dba-72b3-45bb-9cce-2cba95a15682&l_pb_bid_id=4595ee866c976aa5&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=3d9fa643-bd45-43ac-8666-658949789aae&rp_maxbids=1&p_gpid=%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF&m_ch_mobile=%3F0&slots=1&rand=0.3095846717688726
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.146.10 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b2f5b295cd71c6a41ceae6e81aeaaea8acb4c554c5331416e1849be087de3380

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
762
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
translator
hbopenbid.pubmatic.com/
0
64 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:54 GMT
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/
38 B
633 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=393562
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d94e0cbb4ff3e0e391ec27d18181920299df0d5a310566ba984af39cdab058e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=snQqjDNrEf6M0ii23mTNLABUfyG1mLx4LrfQDNMOT57eQcyNkTO0akpcQV7psYBOpv6Hg95Mf%2FtCgR4luXI1TpIwiaeZJs1dUoCp4u6EYKZgx4UtA%2BB8%2Fn6MIVJ4YhkQfEfYzgfA"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8c59f62ad93eabac-YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
38
server
cloudflare
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
fe8e5fff10c25f5ee0fa9d77bedda0939fd3f7094ce74a88f54f2920a38d20e9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
154.47.17.56; 154.47.17.56; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
an-x-request-uuid
61a9073f-0e9f-4561-ad44-f1b3ebc581a3
content-length
145
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 19 Sep 2024 13:35:54 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
prebid
prebid.media.net/rtb/
56 B
93 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time
9
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
Thu, 19 Sep 2024 13:35:54 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json;charset=utf-8
server
envoy
openrtb
ex.ingage.tech/v1/
2 KB
875 B
Fetch
General
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dd28e5276236a26e8acdb884b306f425638b21053283c704b0817a7171c4e16

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8c59f62af867ac03-YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
bidRequest
c2shb.pubgw.yahoo.com/
66 B
406 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.36.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-36-18.compute-1.amazonaws.com
Software
/
Resource Hash
23773c9860da1868bf3be9447bfcc8f3bc4a9833ee602164896541e7cb902387
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
66
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/
66 B
406 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.36.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-36-18.compute-1.amazonaws.com
Software
/
Resource Hash
36f2f239b0a62b10935390f6e44b52f0020777f98303d66aba0dce4e5feea1c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
66
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/
66 B
406 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.36.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-36-18.compute-1.amazonaws.com
Software
/
Resource Hash
be74cfbceb2692ca7c21d7ce374bb5381854c87f73c72ac99652ff4f170cc91a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
66
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
auction
tlx.3lift.com/header/
19 B
1 KB
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.8&referrer=about%3Ablank&tmax=622
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.222.148.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-148-106.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
x-auction-status
29
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
hb-multi
hb.yellowblue.io/
83 B
633 B
Fetch
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-91.ewr53.r.cloudfront.net
Software
istio-envoy /
Resource Hash
70a1e70a37676a5ff383b0b8bed7397837b118fb8728601a969c3d401e6d026a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.bleepingcomputer.com
x-cache
Miss from cloudfront
content-length
108
x-amz-cf-id
zTBn3ranqE6yi9TbytXbiizIrcc0OHmwdS99OM9dO1hoH2IE_MLFZg==
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json
x-amz-cf-pop
EWR53-P1
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
halo_match
ids.ad.gt/api/v1/
43 B
145 B
Image
General
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001726752954-K9PZEJ4T-KTTX&halo_id=060ixe7ju6a65a88gfkjedk6gi8i67ihjbiuom2wi0e0ye44qoywmky0qu4u02usw
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.189.44.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-44-64.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache
content-length
43
date
Thu, 19 Sep 2024 13:35:56 GMT
content-type
image/gif
server
nginx/1.24.0
auction
s2s.t13.io/openrtb2/
5 KB
2 KB
Fetch
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
fdd2fef0285aa2277437bbcb07306e048ca45f5b65c3683c5c4455c02afa736d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
0
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2214
date
Thu, 19 Sep 2024 13:35:54 GMT
x-prebid
pbs-java/2.15.0
content-type
application/json
prebid
prebid.media.net/rtb/
56 B
93 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time
4
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
Thu, 19 Sep 2024 13:35:54 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 13:35:53 GMT
content-type
application/json;charset=utf-8
server
envoy
hb-multi
hb.yellowblue.io/
84 B
635 B
Fetch
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-91.ewr53.r.cloudfront.net
Software
istio-envoy /
Resource Hash
715bb882d8bad48337e75868220005e60be273cfe66ac666e50c5f9ca2cb03d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

content-encoding
gzip
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.bleepingcomputer.com
x-cache
Miss from cloudfront
content-length
109
x-amz-cf-id
HAY-tWUrvTzFbfmIv-HLVS2dHiEAycBUlc9iYpn8I10XISKY1ONprA==
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json
x-amz-cf-pop
EWR53-P1
server
istio-envoy
x-reason
maxmind hosting provider
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
auction
tlx.3lift.com/header/
19 B
1 KB
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.8&referrer=about%3Ablank&tmax=622
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.222.148.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-148-106.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
x-auction-status
29, 29
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
fastlane.json
fastlane.rubiconproject.com/a/api/
785 B
819 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=500600&zone_id=2983354&size_id=15&alt_size_ids=2%2C1%2C16&rp_schain=1.0,1!freestar.com,412,1,,,&eid_yahoo.com=O9qcUPfIuMQymNib4bdorUw3xj78dhUibMPKqldWuzgsjkDB4t45Ph2fzUn6bZHZCOrdD5B1seUWL1Yf78cm5w%5E3&eid_criteo.com=BvtYTV9ZJTJGViUyRlRYSW12SnZwQlVIelFNdXNYRWZrSjlXTzVEaTlpYSUyQkczak50TWZONWJibXZoc3dDc2VQUm9BRm1mUld1V25YVXcwcHJXMDNkU3c1YkY3cnpKTmJmeHN4amJVYWgxelJBWFh5aUVKUSUzRA%5E1&eid_audigent.com=0001yum0eal66iaeaaaf9f79jieca9kiib69gblgkiabackkc2jl%5E1&eid_id5-sync.com=ID5*05HXXUt7s_5IZ1xOiEU7dLLp4kZ_JnoLKcrykN9GZXLGTK_spefem4bDYgb6IdXY%5E1%5E2&tpid_liveintent.com=7-tzr%2FjqPTern6vpdGn07Rh%2B8DWJvHJhJfGMSwhKiy4iMPFmD0WfALaAIAQ5qvu6fYxvhXiY30xLG%2B66%2FRiq8zIZxow8eOTsA8SZTHemBtzd4MGg%3D%3D&eid_liveintent.com=7-tzr%2FjqPTern6vpdGn07Rh%2B8DWJvHJhJfGMSwhKiy4iMPFmD0WfALaAIAQ5qvu6fYxvhXiY30xLG%2B66%2FRiq8zIZxow8eOTsA8SZTHemBtzd4MGg%3D%3D&eid_pubcid.org=0986eca1-1eaa-4098-b368-9833f0c9eff2%5E1&tpid_tdid=bc8b0835-1393-4f63-9270-2da844e8deab&eid_adserver.org=bc8b0835-1393-4f63-9270-2da844e8deab&rf=about%3Ablank&tg_v.id=0d2426b2-0065-48d3-9360-a53d168936a0&tg_i.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&tg_i.name=bleepingcomputer-com&tg_i.domain=bleepingcomputer.com&tg_i.cat=IAB19-25&tg_i.sectioncat=IAB19-25&tg_i.pagecat=IAB19-25&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=535&tg_i.fs_ad_product=dynamicAd&tg_i.pbadslot=%2F15184186%2Fbleepingcomputer_728x90_300x250__320x100_320x50_dynamic%2Fbleepingcomputer_728x90_300x250__320x100_320x50_dynamic1_slot&tk_flint=pbjs_lite_v8.49.8&x_source.tid=1c666d31-e228-4fbe-9cf6-85802ec6c0a2&l_pb_bid_id=5105595664b74b5d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=3a2384b3-e29e-40c3-9b68-47f24c529f7e&rp_maxbids=1&p_gpid=%2F15184186%2Fbleepingcomputer_728x90_300x250__320x100_320x50_dynamic%2Fbleepingcomputer_728x90_300x250__320x100_320x50_dynamic1_slot&m_ch_mobile=%3F0&slots=1&rand=0.30708689143536816
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.146.10 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
32c1ae0e0a4adff512a5ba3ded8a675f4afd5cfe248fc43403f837a9aeb08498

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
785
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.21.4
prebid
ib.adnxs.com/ut/v3/
144 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0e81599466fe50ccc9e1d24f0b344db06f1df2ebb3e634c7dc0308e0fb89d138
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
154.47.17.56; 154.47.17.56; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.bleepingcomputer.com
an-x-request-uuid
adf930f5-3f12-4594-bf4a-51a61c425cc3
content-length
144
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 19 Sep 2024 13:35:54 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
translator
hbopenbid.pubmatic.com/
0
64 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:54 GMT
access-control-allow-credentials
true
openrtb
ex.ingage.tech/v1/
2 KB
877 B
Fetch
General
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24530ffc2110f466fa6a5b4595656003f1f7d22070f27a99b97f0ca874907e45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8c59f62b7902ac03-YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
bidRequest
c2shb.pubgw.yahoo.com/
66 B
406 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.36.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-36-18.compute-1.amazonaws.com
Software
/
Resource Hash
b173b9ee92e3d84fa16f480253a14c96ed4beabccbbe05416b1614436f74d8c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
66
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/
66 B
406 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.36.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-36-18.compute-1.amazonaws.com
Software
/
Resource Hash
9bff40cca7d5beb68d507b54d9a8753c067ffeca9bc39f32c3596843b6b6c272
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
66
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
pbjs
htlb.casalemedia.com/openrtb/
38 B
640 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=393562
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.81.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b1f6dea740ca18ea336ed6223b9edce86611604a00c221bf500e4c901d698c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QUJuPI8agpn8qxQNRnuQllmWa7utiAsraSGhPdqJhzNKZXHDcIx7BPYh1pOAMViKVjiP3%2BzZLWJD2P%2FCLCc3i53%2FEv%2FTEFiV%2B3ct5GM5E5qbE967ASadlRz%2B4C%2FTG4MARnzs7N2S"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8c59f62b79d4abac-YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
38
server
cloudflare
ads
securepubads.g.doubleclick.net/gampad/
449 B
194 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2992154380907323&correlator=3531351860762978&eid=31086815&output=ldjh&gdfp_req=1&vrg=202409160104&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_728x90_300x250__320x100_320x50_dynamic&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C468x60%7C728x90%7C300x250%7C336x280%7C554x312&fluid=height&ifi=16&didk=1878567608&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Da6f6ec05bdf48766%3AT%3D1726752948%3ART%3D1726752948%3AS%3DALNI_MaRAncOTeub1_vYbYD3WaFefzrAbw&gpic=UID%3D00000a518c9e054b%3AT%3D1726752948%3ART%3D1726752948%3AS%3DALNI_MZvJFhvAu8MXRnrPbH64TM6FThwYg&abxe=1&dt=1726752954343&lmt=1726267479&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&td=1&egid=28368&tan=158e1374-5708-45eb-a51b-13271901dd01&tdf=2&topics=9&tps=9&htps=10&a3p=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..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1726752938400&idt=5906&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3Dd2e7e572-d587-494d-a89f-a9c438e084b6%26floors_id%3D24ee07%26floors_hour%3D13%26fs_placementName%3Dbleepingcomputer_728x90_300x250__320x100_320x50_dynamic%26fs_ad_product%3DdynamicAd%26fs_clientservermask%3D20030300100023220011202%26fsbid%3Dtimeout%26fs-auuid%3D1c666d31-e228-4fbe-9cf6-85802ec6c0a2%26fspbg%3Dfs_universal%26fs_source%3Ds2s%26fs_auction_id%3D1c666d31-e228-4fbe-9cf6-85802ec6c0a2%26freestar_path%3Dblank%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dttdfsx_300x250%26fs_format%3Dbanner%26fs_size%3D300x250%26fs_pb%3D0.10%26fs_adid%3D534b41844c632e8a%26fs_bidder%3Dttdfsx&cust_params=fsitf%3DY-NYY-
YYYY-YYYYY------------------------%26fs_liveintent%3DY%26fs_session_id%3D1ca33be5-1b63-4234-b9d8-28c9235e9af3%26fs_pageview_id%3D7dfbc652479c15462af601e06e48be60%26user-agent%3DChrome%26fs_iiq_enabled%3Dtrue%26section%3Dnews%252Csecurity%26floors_user%3D1%26floors_rtt%3D19%26fs_testgroup%3Doptimised&adks=4025797488&frm=20&eo_id_str=ID%3D4d6b207cf343132b%3AT%3D1726752948%3ART%3D1726752948%3AS%3DAA-AfjbVxpo1tFFGQ1ZNlq248JwM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
eaafe93ce6365e866445f068791caeb1b04dd50467bdc853bbe16ef18cf2859c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
content-length
165
x-xss-protection
0
server
cafe
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
674e0580ec30c0c08da895d8e7a84f103b99d51091b012e9839c2e5db29b005c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
auction_end
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ Frame
0
0
Preflight
General
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/auction_end
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.184.54.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-54-14.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods
POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
86400
date
Thu, 19 Sep 2024 13:35:56 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
auction_end
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/
0
0

c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
674e0580ec30c0c08da895d8e7a84f103b99d51091b012e9839c2e5db29b005c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 19 Sep 2024 13:35:54 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.111.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
674e0580ec30c0c08da895d8e7a84f103b99d51091b012e9839c2e5db29b005c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Thu, 19 Sep 2024 13:35:55 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
error
api.edkt.io/analytics/
0
129 B
Fetch
General
Full URL
https://api.edkt.io/analytics/error
Requested by
Host: cdn.edkt.io
URL: https://cdn.edkt.io/PV483g/edgekit.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-Edkt-Load-Id
0f8d4845-90ae-482e-84a4-a16e3d350ffc
Referer
X-Edkt-Api-Key
cdeffa51-8532-473f-8ba0-200d751fd73e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-max-age
86400
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
access-control-allow-credentials
true
via
1.1 google
cache-id
YYZ
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 19 Sep 2024 13:35:58 GMT
cache-status
uncacheable
content-type
text/html
x-cloud-trace-context
e94fdc2eb17e4d59de3204dd4a888194
vary
Origin
server
Google Frontend
error
api.edkt.io/analytics/ Frame
0
0
Preflight
General
Full URL
https://api.edkt.io/analytics/error
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-edkt-api-key,x-edkt-load-id
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-edkt-api-key,x-edkt-load-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-id
YYZ
cache-status
uncacheable
content-length
0
content-type
text/html
date
Thu, 19 Sep 2024 13:35:58 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
c22a6049c98041226c55bf662882f687

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.8&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&tmax=622
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/openrtb/pbjs?s=393562
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=500600&zone_id=2983354&size_id=2&alt_size_ids=1%2C19%2C43%2C44%2C55%2C117%2C221&rp_schain=1.0,1!freestar.com,412,1,,,&eid_pubcid.org=0986eca1-1eaa-4098-b368-9833f0c9eff2%5E1&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&tg_v.id=0d2426b2-0065-48d3-9360-a53d168936a0&tg_i.domain=bleepingcomputer.com&tg_i.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&tg_i.name=bleepingcomputer-com&tg_i.cat=IAB19-25&tg_i.sectioncat=IAB19-25&tg_i.pagecat=IAB19-25&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=535&tg_i.fs_ad_product=stickyFooter&tg_i.pbadslot=%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky&tk_flint=pbjs_lite_v8.49.8&x_source.tid=1e2c771d-3842-47a4-b801-7d0b24544c6b&l_pb_bid_id=19192d19e63ea8b3&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=8bfb46d5-a321-4244-9627-9e247fdf4071&rp_maxbids=1&p_gpid=%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky&m_ch_mobile=%3F0&slots=1&rand=0.7185688117448277
Domain
ex.ingage.tech
URL
https://ex.ingage.tech/v1/openrtb
Domain
rules.quantcount.com
URL
about://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Domain
s2s.t13.io
URL
https://s2s.t13.io/openrtb2/auction
Domain
prebid.media.net
URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Domain
hb.yellowblue.io
URL
https://hb.yellowblue.io/hb-multi
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.8&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&tmax=622
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=500600&zone_id=2983354&size_id=15&alt_size_ids=2%2C1%2C16&rp_schain=1.0,1!freestar.com,412,1,,,&eid_yahoo.com=O9qcUPfIuMQymNib4bdorUw3xj78dhUibMPKqldWuzgsjkDB4t45Ph2fzUn6bZHZCOrdD5B1seUWL1Yf78cm5w%5E3&eid_criteo.com=BvtYTV9ZJTJGViUyRlRYSW12SnZwQlVIelFNdXNYRWZrSjlXTzVEaTlpYSUyQkczak50TWZONWJibXZoc3dDc2VQUm9BRm1mUld1V25YVXcwcHJXMDNkU3c1YkY3cnpKTmJmeHN4amJVYWgxelJBWFh5aUVKUSUzRA%5E1&eid_pubcid.org=0986eca1-1eaa-4098-b368-9833f0c9eff2%5E1&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&tg_v.id=0d2426b2-0065-48d3-9360-a53d168936a0&tg_i.domain=bleepingcomputer.com&tg_i.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalware-locks-browser-in-kiosk-mode-to-steal-google-credentials%2F&tg_i.name=bleepingcomputer-com&tg_i.cat=IAB19-25&tg_i.sectioncat=IAB19-25&tg_i.pagecat=IAB19-25&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=535&tg_i.fs_ad_product=dynamicAd&tg_i.pbadslot=%2F15184186%2Fbleepingcomputer_728x90_300x250__320x100_320x50_dynamic%2Fbleepingcomputer_728x90_300x250__320x100_320x50_dynamic1_slot&tk_flint=pbjs_lite_v8.49.8&x_source.tid=209ca183-9427-46a0-9faf-c04ebeb1b1c0&l_pb_bid_id=218dd0e1920a6558&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=ab26afcd-1e50-40cd-a9f2-89642a76c219&rp_maxbids=1&p_gpid=%2F15184186%2Fbleepingcomputer_728x90_300x250__320x100_320x50_dynamic%2Fbleepingcomputer_728x90_300x250__320x100_320x50_dynamic1_slot&m_ch_mobile=%3F0&slots=1&rand=0.5907546779560642
Domain
ex.ingage.tech
URL
https://ex.ingage.tech/v1/openrtb
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/openrtb/pbjs?s=393562
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
pb-ing.ccgateway.net
URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/auction_end
Domain
pb-ing.ccgateway.net
URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/auction_end
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
s2s.t13.io
URL
https://s2s.t13.io/openrtb2/auction
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.8&referrer=about%3Ablank&tmax=622
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
hb.yellowblue.io
URL
https://hb.yellowblue.io/hb-multi
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/openrtb/pbjs?s=393562
Domain
ex.ingage.tech
URL
https://ex.ingage.tech/v1/openrtb
Domain
pb-ing.ccgateway.net
URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/auction_end
Domain
pb-ing.ccgateway.net
URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/auction_end
Domain
pb-ing.ccgateway.net
URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/auction_end


353 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


90 Cookies


7 Console Messages

Source Level URL
Text
network error URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.bleepingcomputer.com&type=display&cust=5971&sid=direct&c=&cust2=direct(Line 9)
Message:
WebSocket connection to 'wss://testerr.escalated.io/testerr424i' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: about://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Message:
Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
security error URL: about:blank
Message:
Refused to execute script from 'https://c1.adform.net/cookie?redirect_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D46%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DAdForm%26api-tier%3D1%26uid%3D%24UID&gdpr=0' because its MIME type ('image/gif') is not executable.
network error URL: https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: about:blank
Message:
Refused to execute script from 'https://capi.connatix.com/us/pixel?puid=1025924811267706626&pId=40&gdpr=0&gdpr_consent=' because its MIME type ('image/gif') is not executable.
security error URL: about:blank
Message:
Refused to execute script from 'https://x.bidswitch.net/sync?ssp=connatix&user_id=660e6b66996a490e85b1a7c15e2b4b7f&gdpr=0' because its MIME type ('image/gif') is not executable.
network error URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3D660e6b66996a490e85b1a7c15e2b4b7f%26pname%3DLoopMe%26api-tier%3D1%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
