urlscan.io logo urlscan.io
SecurityTrails logo

securityaffairs.co Open in urlscan Pro
2001:8d8:100f:f000::289  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html/u003ehttps://t.co/pr...
Effective URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Submission: On October 31 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 49 IPs in 6 countries across 57 domains to perform 232 HTTP transactions. The main IP is 2001:8d8:100f:f000::289, located in Germany and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is securityaffairs.co. The Cisco Umbrella rank of the primary domain is 277629.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on March 24th 2022. Valid for: a year.
This is the only time securityaffairs.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 45 2001:8d8:100f... 8560 (IONOS-AS ...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:205... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2.18.235.93 16625 (AKAMAI-AS)
11 68.183.31.14 14061 (DIGITALOC...)
9 192.0.77.2 2635 (AUTOMATTIC)
2 192.0.76.3 2635 (AUTOMATTIC)
2 18.198.228.5 16509 (AMAZON-02)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 23.35.228.23 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 3.248.145.65 16509 (AMAZON-02)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
2 141.95.33.111 16276 (OVH)
2 3.33.220.150 16509 (AMAZON-02)
2 4 185.89.210.212 29990 (ASN-APPNEX)
1 162.19.138.116 16276 (OVH)
4 52.28.203.152 16509 (AMAZON-02)
5 137.184.242.150 14061 (DIGITALOC...)
4 52.28.38.64 16509 (AMAZON-02)
4 81.17.55.161 60781 (LEASEWEB-...)
4 34.149.20.76 15169 (GOOGLE)
4 72.251.249.14 32475 (SINGLEHOP...)
4 2602:803:c004... 26667 (RUBICONPR...)
4 69.166.1.8 27630 (AS-XFERNET)
1 6 185.89.210.20 29990 (ASN-APPNEX)
4 34.107.148.139 396982 (GOOGLE-CL...)
4 3.65.157.79 16509 (AMAZON-02)
4 185.64.189.112 62713 (AS-PUBMATIC)
4 35.244.159.8 15169 (GOOGLE)
1 51.89.9.253 16276 (OVH)
8 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... ()
1 2 185.172.90.251 ()
2 185.172.90.249 ()
1 185.172.90.252 ()
1 1 96.16.141.156 ()
1 23.203.77.3 ()
1 205.234.175.175 ()
2 2606:4700:10:... ()
1 142.250.184.226 ()
1 2a04:4e42:400... ()
232 49
45    2001:8d8:100f:f000::289 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
securityaffairs.co
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2600:9000:2057:fa00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)
ws.sharethis.com
4    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
11    68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
served-by.pixfuture.com
9    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    18.198.228.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-228-5.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
2    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
lg3.media.net
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2606:4700:20::681a:744 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pixfuture.com
2    3.248.145.65 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-145-65.eu-west-1.compute.amazonaws.com
aa.agkn.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
2    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
lb.eu-1-id5-sync.com
4    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
5    137.184.242.150 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
prebidserver.pixfuture.com
4    52.28.38.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-38-64.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
4    81.17.55.161 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
4    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
4    72.251.249.14 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
4    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    69.166.1.8 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
6    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
4    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
4    3.65.157.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-157-79.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
pixfuture2-d.openx.net
1    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
8    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
3    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
4    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:80b::2002 (None, )

ASN- ()
googleads.g.doubleclick.net
adservice.google.co.uk
www.googletagservices.com
2    185.172.90.251 (None, )

ASN- ()
ads.us.e-planning.net
2    185.172.90.249 (None, )

ASN- ()
s.e-planning.net
1    185.172.90.252 (None, )

ASN- ()
u-ams03.e-planning.net
1    96.16.141.156 (None, )

ASN- ()
secure-assets.rubiconproject.com
1    23.203.77.3 (None, )

ASN- ()
eus.rubiconproject.com
1    205.234.175.175 (None, )

ASN- ()
i.e-planning.net
2    2606:4700:10::ac43:db6 (None, )

ASN- ()
spl.zeotap.com
mwzeom.zeotap.com
1    142.250.184.226 (None, )

ASN- ()
cm.g.doubleclick.net
1    2a04:4e42:400::300 (None, )

ASN- ()
trc.taboola.com
Apex Domain
Subdomains		 Transfer
45 securityaffairs.co
securityaffairs.co — Cisco Umbrella Rank: 277629
1 MB
18 pixfuture.com
served-by.pixfuture.com — Cisco Umbrella Rank: 41102
cdn.pixfuture.com — Cisco Umbrella Rank: 49508
prebidserver.pixfuture.com — Cisco Umbrella Rank: 62601
484 KB
11 wp.com
i0.wp.com — Cisco Umbrella Rank: 2819
stats.wp.com — Cisco Umbrella Rank: 2647
pixel.wp.com — Cisco Umbrella Rank: 2429
177 KB
10 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 436
ib.adnxs.com — Cisco Umbrella Rank: 210
9 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com Failed
623 KB
7 media.net
contextual.media.net — Cisco Umbrella Rank: 553
lg3.media.net — Cisco Umbrella Rank: 4030
prebid.media.net — Cisco Umbrella Rank: 1165
4 KB
6 e-planning.net
ads.us.e-planning.net
s.e-planning.net
u-ams03.e-planning.net
i.e-planning.net
3 KB
6 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 450
secure-assets.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com Failed
4 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 71
1001 B
4 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 5524
1 KB
4 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 869
1 KB
4 openx.net
pixfuture2-d.openx.net — Cisco Umbrella Rank: 51573
682 B
4 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 431
300 B
4 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 3224
637 B
4 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1382
3 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 594
3 KB
4 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1666
871 B
4 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1410
sync.smartadserver.com Failed
2 KB
4 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 866
633 B
4 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 855
cms.analytics.yahoo.com Failed
394 B
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 408
mug.criteo.com — Cisco Umbrella Rank: 3300
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
region1.google-analytics.com — Cisco Umbrella Rank: 2835
20 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
221 KB
3 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
54 KB
3 sharethis.com
ws.sharethis.com — Cisco Umbrella Rank: 8297
l.sharethis.com — Cisco Umbrella Rank: 4618
9 KB
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com Failed
2 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
655 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 484
1 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 467
983 B
1 googletagservices.com
www.googletagservices.com
1 taboola.com
trc.taboola.com
161 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 750
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1187
405 B
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1728
1 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 699
6 KB
0 gstatic.com Failed
www.gstatic.com Failed
0 bidswitch.net Failed
x.bidswitch.net Failed
0 imrworldwide.com Failed
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com Failed
0 bluekai.com Failed
tags.bluekai.com Failed
0 amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com Failed
0 widespace.com Failed
engine.widespace.com Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 richaudience.com Failed
sync.richaudience.com Failed
0 krxd.net Failed
beacon.krxd.net Failed
usermatch.krxd.net Failed
0 mookie1.com Failed
odr.mookie1.com Failed
0 crwdcntrl.net Failed
bcp.crwdcntrl.net Failed
0 weborama.fr Failed
idsync.frontend.weborama.fr Failed
0 adition.com Failed
dsp.adfarm1.adition.com Failed
0 exelator.com Failed
loadeu.exelator.com Failed
0 demdex.net Failed
dpm.demdex.net Failed
0 tidaltv.com Failed
sync.tidaltv.com Failed
0 fwmrm.net Failed
dmp.v.fwmrm.net Failed
0 adform.net Failed
dmp.adform.net Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 audrte.com Failed
a.audrte.com Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
0 googleapis.com Failed
fonts.googleapis.com Failed
232 57
Domain Requested by
45 securityaffairs.co 1 redirects securityaffairs.co
11 served-by.pixfuture.com securityaffairs.co
cdn.pixfuture.com
9 i0.wp.com securityaffairs.co
8 pagead2.googlesyndication.com cdn.pixfuture.com
pagead2.googlesyndication.com
6 ib.adnxs.com 1 redirects cdn.pixfuture.com
spl.zeotap.com
5 prebidserver.pixfuture.com cdn.pixfuture.com
4 adservice.google.com pagead2.googlesyndication.com
4 adservice.google.co.uk pagead2.googlesyndication.com
4 partner.googleadservices.com pagead2.googlesyndication.com
4 pixfuture2-d.openx.net cdn.pixfuture.com
4 hbopenbid.pubmatic.com cdn.pixfuture.com
4 hb.emxdgt.com cdn.pixfuture.com
4 prebid.media.net cdn.pixfuture.com
4 apex.go.sonobi.com cdn.pixfuture.com
4 fastlane.rubiconproject.com cdn.pixfuture.com
4 ap.lijit.com cdn.pixfuture.com
4 ssc.33across.com cdn.pixfuture.com
4 prg.smartadserver.com cdn.pixfuture.com
4 btlr.sharethrough.com cdn.pixfuture.com
4 c2shb.pubgw.yahoo.com cdn.pixfuture.com
4 secure.adnxs.com 2 redirects
4 www.googletagmanager.com securityaffairs.co
www.googletagmanager.com
2 s.e-planning.net ads.us.e-planning.net
2 ads.us.e-planning.net 1 redirects cdn.pixfuture.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 match.adsrvr.org cdn.pixfuture.com
spl.zeotap.com
2 id5-sync.com cdn.pixfuture.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 aa.agkn.com 1 redirects cdn.pixfuture.com
2 cdn.pixfuture.com served-by.pixfuture.com
cdn.pixfuture.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 lg3.media.net securityaffairs.co
2 l.sharethis.com ws.sharethis.com
securityaffairs.co
1 www.googletagservices.com googleads.g.doubleclick.net
1 mwzeom.zeotap.com spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 cm.g.doubleclick.net spl.zeotap.com
1 spl.zeotap.com ads.us.e-planning.net
1 i.e-planning.net ads.us.e-planning.net
1 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 u-ams03.e-planning.net ads.us.e-planning.net
1 onetag-sys.com cdn.pixfuture.com
1 lb.eu-1-id5-sync.com cdn.pixfuture.com
1 pixel.wp.com securityaffairs.co
1 secure.gravatar.com securityaffairs.co
1 stats.wp.com securityaffairs.co
1 contextual.media.net securityaffairs.co
1 ws.sharethis.com securityaffairs.co
1 maxcdn.bootstrapcdn.com securityaffairs.co
0 tpc.googlesyndication.com Failed googleads.g.doubleclick.net
0 www.gstatic.com Failed googleads.g.doubleclick.net
0 x.bidswitch.net Failed spl.zeotap.com
0 pixel.rubiconproject.com Failed spl.zeotap.com
0 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com Failed spl.zeotap.com
0 tags.bluekai.com Failed spl.zeotap.com
0 aax-eu.amazon-adsystem.com Failed spl.zeotap.com
0 usermatch.krxd.net Failed spl.zeotap.com
0 engine.widespace.com Failed spl.zeotap.com
0 sync-tm.everesttech.net Failed spl.zeotap.com
0 sync.richaudience.com Failed spl.zeotap.com
0 beacon.krxd.net Failed spl.zeotap.com
0 odr.mookie1.com Failed spl.zeotap.com
0 cms.analytics.yahoo.com Failed spl.zeotap.com
0 bcp.crwdcntrl.net Failed spl.zeotap.com
0 sync.smartadserver.com Failed spl.zeotap.com
0 idsync.frontend.weborama.fr Failed spl.zeotap.com
0 dsp.adfarm1.adition.com Failed spl.zeotap.com
0 loadeu.exelator.com Failed spl.zeotap.com
0 dpm.demdex.net Failed spl.zeotap.com
0 sync.tidaltv.com Failed spl.zeotap.com
0 dmp.v.fwmrm.net Failed spl.zeotap.com
0 dmp.adform.net Failed spl.zeotap.com
0 pixel.tapad.com Failed spl.zeotap.com
0 a.audrte.com Failed ads.us.e-planning.net
0 api.rlcdn.com Failed cdn.pixfuture.com
0 fonts.googleapis.com Failed securityaffairs.co
googleads.g.doubleclick.net
232 79
Subject Issuer Validity Valid
www.securityaffairs.co
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-24 -
2023-04-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
sharethis.com
Amazon		 2022-06-19 -
2023-07-18		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
*.pixfuture.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-30 -
2022-12-03		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-11 -
2023-07-12		 a year crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-23 -
2023-11-23		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-09-14 -
2022-12-13		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
ads.us.e-planning.net
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
*.e-planning.net
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh

This page contains 14 frames:

Primary Page: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Frame ID: 62B0F35672F3CCA34ABA41206FF5242F
Requests: 148 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Frame ID: F4C32B4D11E46AE536B3766302867495
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: FB9A38FE47B8016F0B25F0377F02706D
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: E05872860B9014758C0555313336FA82
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: E40B9623C299C70DEBABFAF1CEF754BE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696135&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1667229619&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667229619214&bpp=10&bdt=238&idt=308&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4138159051532&frm=21&ife=1&pv=2&ga_vid=1736302110.1667229616&ga_sid=1667229620&ga_hid=653146384&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=520&biw=1600&bih=1200&isw=728&ish=90&ifk=3219251258&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44775016&oid=2&pvsid=3109044028026604&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3hvaqfomy9en&fsb=1&xpc=Ww048jgens&p=https%3A//securityaffairs.co&dtd=327
Frame ID: 6DB2097098651DD74C94777E22762BAF
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696134&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667229619&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667229619183&bpp=12&bdt=239&idt=373&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4138159051532&frm=21&ife=1&pv=1&ga_vid=1736302110.1667229616&ga_sid=1667229620&ga_hid=1590757808&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=871&biw=1600&bih=1200&isw=320&ish=50&ifk=3011330007&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775016%2C31069794&oid=2&pvsid=2177527359127643&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.c1nwexi8j9l&fsb=1&xpc=4gQloSYeRl&p=https%3A//securityaffairs.co&dtd=390
Frame ID: 42F2321327BD7A880EABC649F834148D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696132&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1667229619&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667229619233&bpp=4&bdt=154&idt=357&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4138159051532&frm=21&ife=1&pv=1&ga_vid=1736302110.1667229616&ga_sid=1667229620&ga_hid=1774563369&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1903&biw=1600&bih=1200&isw=300&ish=250&ifk=3910786606&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070616%2C44775017&oid=2&pvsid=538666610846286&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.go6j3y8nygnp&btvi=1&fsb=1&xpc=pXlYGJXYM7&p=https%3A//securityaffairs.co&dtd=373
Frame ID: D89CB0E60C01AB10A1E1E7F972A8F374
Requests: 10 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Frame ID: C86B260B1DB7D24F4D6A479B17D38F06
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 688590016001270811B1C692FB4C2952
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: D436356105ED2F62CCC402636FAFEDE6
Requests: 2 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: CA8C5B7CFEE0FC0701CC007CA5B86ACE
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: D164651BA46FDF4052CCACDA6752C0D2
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667229620&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667229619993&bpp=22&bdt=112&idt=185&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&cookie=ID%3Ddd982f205307b32e-22cb99e060ce00d0%3AT%3D1667229619%3ART%3D1667229619%3AS%3DALNI_Ma_H2QbEyVyrJmyTXF03uDvQQuVHg&gpic=UID%3D00000b7aabfb2bfb%3AT%3D1667229619%3ART%3D1667229619%3AS%3DALNI_MbwFLe1AMy_J58IV-Vkm-BHJfAJRg&correlator=4138159051532&frm=21&ife=1&pv=1&ga_vid=1736302110.1667229616&ga_sid=1667229620&ga_hid=707572272&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=871&biw=1600&bih=1200&isw=320&ish=50&ifk=3011330007&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44770147%2C31070590%2C44774292%2C44775016%2C31069563&oid=2&pvsid=2941154181513852&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7lsubnsqri35&fsb=1&xpc=9vwzwS5sdb&p=https%3A//securityaffairs.co&dtd=207
Frame ID: 17CFC338E920E948626EDD25A63EB4D1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution providerSecurity Affairs

Page URL History Show full URLs

  1. https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html/... HTTP 301
    https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

232
Requests

77 %
HTTPS

35 %
IPv6

57
Domains

79
Subdomains

49
IPs

6
Countries

3092 kB
Transfer

5077 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html/u003ehttps://t.co/prqKGG5uWd/u003c/e/u003e HTTP 301
    https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=IxpiEnx1REg5Q1psOG1icWRqanlUMlkvMTNNQlBNTDN4Q044aXU2TUdFTEVaSk83Smo5dmo0cURUVGRaOGRLeFpMRERuWnczL1VodkNUZk9GNDhxR0xNeXJla25IeHpyczY0UDFRemZaaTJhK1VGRk5BSGtuZytTeWw0N3A3Zk4wYUozYWp6Q3Y5WVJISGFiTnlzd3h6eFlCaWNZNGFjS3dQUFhEOHZkajNJTENLdGZ2Y1BQQlF0QURSL0liaUpES3VOeDBOQTJGMTBYOVlDdEVqYWZXWmxaMkgyKytNU1VSZEZnMVM0NTRrNk15cjhhNDN6YTVCdkdFMWE4WVRXNjNBVTU1fA&cppv=2
Request Chain 87
  • https://secure.adnxs.com/seg?add=27578926%2C27578926&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
Request Chain 88
  • https://secure.adnxs.com/seg?add=27578935%2C27578935&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578935%252C27578935%26t%3D1
Request Chain 167
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Request Chain 176
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D45e4f53c76e97113%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=45e4f53c76e97113&uid=5258165350033671309
Request Chain 178
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 187
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbb42d9a7-ef20-43a9-6b6b-d35e87b226eb%26reqId%3Db3899700-b726-4344-51ba-fef30cae887f%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbb42d9a7-ef20-43a9-6b6b-d35e87b226eb%26reqId%3Db3899700-b726-4344-51ba-fef30cae887f%26zdid%3D1361
Request Chain 192
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbb42d9a7-ef20-43a9-6b6b-d35e87b226eb%26reqId%3Db3899700-b726-4344-51ba-fef30cae887f%26zdid%3D1361 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbb42d9a7-ef20-43a9-6b6b-d35e87b226eb%26reqId%3Db3899700-b726-4344-51ba-fef30cae887f%26zdid%3D1361&rdf=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=68483568-5C17-45FA-8D72-F94AD693B523&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Request Chain 202
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=9MhQKoDjAsuV8yEbij13xYMxSIGmDu1e%2BS41iYitP1U%3D

232 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request blackbyte-ransomware-asahi-group-holdings.html
securityaffairs.co/wordpress/137803/cyber-crime/
Redirect Chain
  • https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html/u003ehttps://t.co/prqKGG5uWd/u003c/e/u003e
  • https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
97 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
773ed4062ad3efbbc4be804558ba63e65df5c66cfc36d63d485a52ce7c04589f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 31 Oct 2022 15:20:13 GMT
link
<https://securityaffairs.co/wordpress/wp-json/>; rel="https://api.w.org/", <https://securityaffairs.co/wordpress/wp-json/wp/v2/posts/137803>; rel="alternate"; type="application/json", <https://securityaffairs.co/wordpress/?p=137803>; rel=shortlink
server
Apache
x-pingback
https://securityaffairs.co/wordpress/xmlrpc.php

Redirect headers

content-type
text/html; charset=UTF-8
date
Mon, 31 Oct 2022 15:20:12 GMT
location
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
server
Apache
x-pingback
https://securityaffairs.co/wordpress/xmlrpc.php
x-redirect-by
WordPress
style.css
securityaffairs.co/wordpress/wp-includes/css/dist/block-library/ 		101 KB
101 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/css/dist/block-library/style.css?ver=81cc3f1e67b6f0bd8d3898f302147301
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
6acaf1e28f06b9575940731ab904b18dde4d2bf52618c42fddb14d0d9b6c028c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:14 GMT
last-modified
Tue, 12 Jul 2022 21:45:23 GMT
server
Apache
accept-ranges
bytes
etag
"193c1-5e3a295f4b1f7"
content-length
103361
content-type
text/css
mediaelementplayer-legacy.min.css
securityaffairs.co/wordpress/wp-includes/js/mediaelement/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:14 GMT
last-modified
Wed, 09 Dec 2020 23:31:00 GMT
server
Apache
accept-ranges
bytes
etag
"2bf8-5b61073acf500"
content-length
11256
content-type
text/css
wp-mediaelement.css
securityaffairs.co/wordpress/wp-includes/js/mediaelement/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/mediaelement/wp-mediaelement.css?ver=81cc3f1e67b6f0bd8d3898f302147301
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
6d9f061cba81145d9bab0964192d66cb2e13a71591482cdfaf5b718341171da1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:14 GMT
last-modified
Wed, 13 Nov 2019 23:52:08 GMT
server
Apache
accept-ranges
bytes
etag
"1360-597430d761a00"
content-length
4960
content-type
text/css
cookie-law-info-public.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/legacy/public/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.4
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:14 GMT
last-modified
Wed, 26 Oct 2022 21:55:35 GMT
server
Apache
accept-ranges
bytes
etag
"c22-5ebf7159aca52"
content-length
3106
content-type
text/css
cookie-law-info-gdpr.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/legacy/public/css/ 		27 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.4
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:14 GMT
last-modified
Wed, 26 Oct 2022 21:55:35 GMT
server
Apache
accept-ranges
bytes
etag
"6a71-5ebf7159aca52"
content-length
27249
content-type
text/css
ssba.css
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ 		142 KB
142 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ssba.css?ver=1666305205
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
27af6a936f27c245f807aef4673133e343b4d791c45ada798049d38a55e3634c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:14 GMT
last-modified
Thu, 20 Oct 2022 22:33:25 GMT
server
Apache
accept-ranges
bytes
etag
"23833-5eb7ee9e40fc3"
content-length
145459
content-type
text/css
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=8.3.2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
951
age
933446
cdn-cachedat
07/25/2022 03:12:46
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"04425bbdc6243fc6e54bf8984fe50330"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e06a304d4cd3bf4b00b82c28b70cb462
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
200
cf-ray
762d5fa4e8907591-LHR
cdn-requestpullsuccess
True
custom.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/ 		19 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:14 GMT
last-modified
Wed, 16 Dec 2015 13:54:59 GMT
server
Apache
accept-ranges
bytes
etag
"4d92-52704407f72c0"
content-length
19858
content-type
text/css
tipsy.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		539 B
683 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:14 GMT
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
server
Apache
accept-ranges
bytes
etag
"21b-526fe6d7cd700"
content-length
539
content-type
text/css
flexslider.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:14 GMT
last-modified
Wed, 16 Dec 2015 13:55:09 GMT
server
Apache
accept-ranges
bytes
etag
"1851-5270441180940"
content-length
6225
content-type
text/css
animation.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:14 GMT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
Apache
accept-ranges
bytes
etag
"6b4-526fe6d5e5280"
content-length
1716
content-type
text/css
font-awesome.min.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		17 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:14 GMT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
Apache
accept-ranges
bytes
etag
"4574-526fe6d5e5280"
content-length
17780
content-type
text/css
swipebox.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:14 GMT
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
server
Apache
accept-ranges
bytes
etag
"118d-526fe6e527680"
content-length
4493
content-type
text/css
jquery.circliful.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		334 B
478 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 16 Dec 2015 06:58:02 GMT
server
Apache
accept-ranges
bytes
etag
"14e-526fe6d5e5280"
content-length
334
content-type
text/css
screen.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		110 KB
110 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 16 Dec 2015 06:58:04 GMT
server
Apache
accept-ranges
bytes
etag
"1b844-526fe6d7cd700"
content-length
112708
content-type
text/css
custom-css.php
securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/ 		12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
text/css; charset: UTF-8;charset=UTF-8
date
Mon, 31 Oct 2022 15:20:15 GMT
server
Apache
grid.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 		49 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/grid.css?ver=81cc3f1e67b6f0bd8d3898f302147301
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 16 Dec 2015 06:58:03 GMT
server
Apache
accept-ranges
bytes
etag
"c5f2-526fe6d6d94c0"
content-length
50674
content-type
text/css
sharing.css
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/ 		18 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/sharing.css?ver=11.4
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
dda6ad33ac53197002b0e3c6c09f3714a6c79b73969d15666500689d8fc50d3c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Tue, 04 Oct 2022 21:50:57 GMT
server
Apache
accept-ranges
bytes
etag
"4991-5ea3c74811a26"
content-length
18833
content-type
text/css
social-logos.css
securityaffairs.co/wordpress/wp-content/plugins/jetpack/_inc/social-logos/ 		12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/_inc/social-logos/social-logos.css?ver=11.4
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
4cdecc62f5b2c8e9f7cf7b14b9fd42e0c4787d912c1b71426cdfbe0144cede46

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Tue, 04 Oct 2022 21:50:53 GMT
server
Apache
accept-ranges
bytes
etag
"312f-5ea3c74511173"
content-length
12591
content-type
text/css
jquery.js
securityaffairs.co/wordpress/wp-includes/js/jquery/ 		282 KB
282 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery.js?ver=3.6.0
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Fri, 23 Jul 2021 22:11:53 GMT
server
Apache
accept-ranges
bytes
etag
"46758-5c7d1b0de3c40"
content-length
288600
content-type
application/javascript
jquery-migrate.js
securityaffairs.co/wordpress/wp-includes/js/jquery/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 09 Dec 2020 23:31:00 GMT
server
Apache
accept-ranges
bytes
etag
"62d4-5b61073acf500"
content-length
25300
content-type
application/javascript
cookie-law-info-public.js
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/legacy/public/js/ 		33 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.4
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 26 Oct 2022 21:55:35 GMT
server
Apache
accept-ranges
bytes
etag
"8583-5ebf7159ae992"
content-length
34179
content-type
application/javascript
medianetAdInjector.js
securityaffairs.co/wordpress/wp-content/plugins/media-net-ads-manager/js/ 		562 B
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/media-net-ads-manager/js/medianetAdInjector.js?ver=2.10.13
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
37d925559381e9d5388c4a096fe1383570546b7b11548d7d6a7e560adcc24e5d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Sat, 08 May 2021 23:27:41 GMT
server
Apache
accept-ranges
bytes
etag
"232-5c1d9e402b540"
content-length
562
content-type
application/javascript
st_insights.js
ws.sharethis.com/button/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare&ver=8.3.2
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:fa00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
a0dc45b07153920d06e669676d8d6a7592971683f1381aefc5c95b83dd62a2bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 22:45:28 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA6-C1
age
146086
x-cache
Hit from cloudfront
content-length
7903
server
nginx/1.20.1
etag
W/"634f185a-6a64"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
PHInS7IlIKmDu21yNfB73oVX9fBoCAG-QrBPKMLLeZt6HvkNCd1IBw==
expires
Tue, 01 Nov 2022 22:45:28 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
293f0aa165671eb3467283e8bd8d72c982abc7f4769140c320136c790e055804
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43580
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 Oct 2022 15:20:15 GMT
dmedianet.js
contextual.media.net/ 		368 B
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1ee43b9f0b9d04dbb343045c231271c35c917319b8d0ac01ec9c0b5cfc8f24e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-mnt-h
21-5f44
strict-transport-security
max-age=31536000
date
Mon, 31 Oct 2022 15:20:15 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
content-length
368
expires
Mon, 31 Oct 2022 15:25:15 GMT
logo_SecurityAffairs.png
securityaffairs.co/wordpress/wp-content/uploads/2015/12/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.co/wordpress/wp-content/uploads/2015/12/logo_SecurityAffairs.png
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 16 Dec 2015 17:30:42 GMT
server
Apache
accept-ranges
bytes
etag
"b0e9-5270743f5f480"
content-length
45289
content-type
image/png
headerbid.js
served-by.pixfuture.com/www/delivery/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cacf3cc6bdad466ccf18c534caf82219ab9c43b30d007c4cbc9e80383761ff46

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:16 GMT
last-modified
Fri, 30 Sep 2022 14:10:09 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"6336f8c1-74c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
1868
image-11.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2022/10/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2022/10/image-11.png?resize=1024%2C417&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
22185e5ec683a5901e9700dbd446b28614a8eee7f02e0537e799a9cc5740f45f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT lhr 4
date
Mon, 31 Oct 2022 15:20:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 30 Oct 2022 16:44:37 GMT
server
nginx
etag
"09e04bb221d89764"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2022/10/image-11.png>; rel="canonical"
content-length
91298
expires
Wed, 30 Oct 2024 04:44:37 GMT
facebook.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 		514 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png?ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
2bae9fc3e57c860103d1e03360ba3246e3b6c5bcaa6f3183ce8066cc69843a5d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT lhr 5
date
Mon, 31 Oct 2022 15:20:15 GMT
x-content-type-options
nosniff
last-modified
Fri, 09 Jul 2021 03:27:44 GMT
server
nginx
etag
"cc42f70ee2b29ba8"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png>; rel="canonical"
content-length
514
expires
Sun, 09 Jul 2023 15:27:44 GMT
twitter.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 		672 B
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png?ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
c0515f174257e5e8c2b69445e28f1cca8792be06d315b7772fc16234937d5cde
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT lhr 7
date
Mon, 31 Oct 2022 15:20:15 GMT
x-content-type-options
nosniff
last-modified
Fri, 09 Jul 2021 03:27:44 GMT
server
nginx
etag
"3f52b9a0eb8f55ed"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png>; rel="canonical"
content-length
672
expires
Sun, 09 Jul 2023 15:27:44 GMT
linkedin.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 		600 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png?ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
1b582acaf161db1ef436343a487e95a35a5ee579d35893ad726dce7fa4b85b4c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Mon, 31 Oct 2022 15:20:15 GMT
x-content-type-options
nosniff
last-modified
Fri, 09 Jul 2021 03:27:44 GMT
server
nginx
etag
"be413480ff9fb565"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png>; rel="canonical"
content-length
600
expires
Sun, 09 Jul 2023 15:27:44 GMT
twemoji.js
securityaffairs.co/wordpress/wp-includes/js/ 		32 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/twemoji.js?ver=81cc3f1e67b6f0bd8d3898f302147301
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
f1f9eda417444f06ef060dd832d8821c84f081a98cdf62acfe981f5554c894dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 25 May 2022 22:59:02 GMT
server
Apache
accept-ranges
bytes
etag
"7e90-5dfde04f437ff"
content-length
32400
content-type
application/javascript
wp-emoji.js
securityaffairs.co/wordpress/wp-includes/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-includes/js/wp-emoji.js?ver=81cc3f1e67b6f0bd8d3898f302147301
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Tue, 31 Mar 2020 22:49:14 GMT
server
Apache
accept-ranges
bytes
etag
"231d-5a22e60748e80"
content-length
8989
content-type
application/javascript
css
fonts.googleapis.com/ 		0
0
css
fonts.googleapis.com/ 		0
0
css
fonts.googleapis.com/ 		0
0
css
fonts.googleapis.com/ 		0
0
WannaCrypt-ransomware.jpg
securityaffairs.co/wordpress/wp-content/uploads/2017/05/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.co/wordpress/wp-content/uploads/2017/05/WannaCrypt-ransomware.jpg
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
b73b55037a23d240e4fa9bd78f2ec69f4412a8e8c8b76a741a63de9e38afa920

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Fri, 12 May 2017 19:52:48 GMT
server
Apache
accept-ranges
bytes
etag
"175d1-54f590cbdc400"
content-length
95697
content-type
image/jpeg
snatch-hensoldt-france.jpg
securityaffairs.co/wordpress/wp-content/uploads/2022/10/ 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.co/wordpress/wp-content/uploads/2022/10/snatch-hensoldt-france.jpg
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
0564cb8ae97e347bee54164eac8198e931e0ed039c2ed5ccb09f2996e72dc245

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Mon, 31 Oct 2022 13:34:45 GMT
server
Apache
accept-ranges
bytes
etag
"25b8f-5ec54abafdd0d"
content-length
154511
content-type
image/jpeg
Password-window-on-comput-001.jpg
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/01/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2014/01/Password-window-on-comput-001.jpg?resize=300%2C276&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
9ab4d3f954bbf9b20c1ec4c2eeef5461ab7d867c2b8e474560487e5017f494cf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT lhr 6
date
Mon, 31 Oct 2022 15:20:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 30 Oct 2022 14:40:06 GMT
server
nginx
etag
"517bce3f1adc1ae4"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2014/01/Password-window-on-comput-001.jpg>; rel="canonical"
content-length
13472
expires
Wed, 30 Oct 2024 02:40:06 GMT
photon.js
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/photon.js?ver=20191001
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
e2dc35b0dbaa16b45d96eb3691927df48e091f4983ed2cc079568b789f9559da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Tue, 04 Oct 2022 21:50:56 GMT
server
Apache
accept-ranges
bytes
etag
"6e0-5ea3c747daf29"
content-length
1760
content-type
application/javascript
jquery.adrotate.clicktracker.js
securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/ 		365 B
519 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Thu, 20 Oct 2022 05:23:06 GMT
server
Apache
accept-ranges
bytes
etag
"16d-5eb708528adb1"
content-length
365
content-type
application/javascript
ssba.js
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1666305206
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
9b978821f78e7bd3a48e5ae8fd7121a291eec506579406745800ca0590f0907c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Thu, 20 Oct 2022 22:33:26 GMT
server
Apache
accept-ranges
bytes
etag
"7c3-5eb7ee9e54842"
content-length
1987
content-type
application/javascript
hint.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		987 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"3db-526fe6e433440"
content-length
987
content-type
application/javascript
jquery.tipsy.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"1113-526fe6e433440"
content-length
4371
content-type
application/javascript
jquery.easing.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"1fa1-526fe6e433440"
content-length
8097
content-type
application/javascript
browser.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
server
Apache
accept-ranges
bytes
etag
"a36-526fe6e33f200"
content-length
2614
content-type
application/javascript
jquery.flexslider-min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 16 Dec 2015 13:55:10 GMT
server
Apache
accept-ranges
bytes
etag
"53ae-5270441274b80"
content-length
21422
content-type
application/javascript
waypoints.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 16 Dec 2015 06:58:18 GMT
server
Apache
accept-ranges
bytes
etag
"1f6c-526fe6e527680"
content-length
8044
content-type
application/javascript
mediaelement-and-player.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/ 		69 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 16 Dec 2015 13:55:14 GMT
server
Apache
accept-ranges
bytes
etag
"11571-5270441645480"
content-length
71025
content-type
application/javascript
jquery.swipebox.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"2a67-526fe6e433440"
content-length
10855
content-type
application/javascript
jquery.circliful.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"c18-526fe6e433440"
content-length
3096
content-type
application/javascript
jquery.smarticker.min.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 16 Dec 2015 06:58:17 GMT
server
Apache
accept-ranges
bytes
etag
"3225-526fe6e433440"
content-length
12837
content-type
application/javascript
custom.js
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 16 Dec 2015 06:58:16 GMT
server
Apache
accept-ranges
bytes
etag
"31d4-526fe6e33f200"
content-length
12756
content-type
application/javascript
sharing.js
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=11.4
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
c09fa9679fb13cb821998f533f0f3b51a4a1756bbc05004aef91f8f217c54712

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Tue, 04 Oct 2022 21:50:57 GMT
server
Apache
accept-ranges
bytes
etag
"45a7-5ea3c74811a26"
content-length
17831
content-type
application/javascript
e-202244.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202244.js
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT lhr
date
Mon, 31 Oct 2022 15:20:15 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sat, 21 Oct 2023 02:17:45 GMT
pview
l.sharethis.com/ 		0
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1667229615711.26829&hostname=securityaffairs.co&location=%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&title=BlackByte%C2%A0ransomware%20group%20hit%20Asahi%20Group%20Holdings%2C%20a%20precision%20metal%20manufacturing%20and%20metal%20solution%20providerSecurity%20Affairs&sop=false&description=The%20BlackByte%C2%A0ransomware%20group%20claims%20to%20have%20compromised%20Asahi%20Group%20Holdings%2C%20a%20precision%20metal%20manufacturing%20and%20metal%20solution%20provider.%20Asahi%20Group%20Holdings%2C%20Ltd.%20is%20a%20precision%20metal%20manufacturing%20and%20metal%20solution%20provider%2C%20for%20more%20than%2040%20years%2C%20the%20company%20has%20been%20delivering%20end-to-end%20services%20in%20the%20industries%20of%20precision%20metals%20and%20thin-film%20coatings%20with%20different%20teams%20%5B%E2%80%A6%5D
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare&ver=8.3.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.228.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-228-5.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 15:20:15 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
gtm.js
www.googletagmanager.com/ 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
66c8bd5f6607ecb37f91ed304fd8f819561d2b45b6b91999753cdab897b50f00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39774
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 Oct 2022 15:20:15 GMT
fontawesome-webfont.woff
securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Referer
https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Origin
https://securityaffairs.co
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 16 Dec 2015 06:58:09 GMT
server
Apache
accept-ranges
bytes
etag
"ad90-526fe6dc92240"
content-length
44432
content-type
application/font-woff
f00db26378ef7df7c440a8ee60ead62b
secure.gravatar.com/avatar/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT lhr 2
date
Mon, 31 Oct 2022 15:20:15 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="f00db26378ef7df7c440a8ee60ead62b.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g>; rel="canonical"
content-length
1186
expires
Mon, 31 Oct 2022 15:25:15 GMT
Digging-The-Deep-Web.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png?resize=236%2C300&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
8f9bff533ca717c10b0a174e354bc152b3d12367b9e1a151d7c641a37a348ad9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT lhr 1
date
Mon, 31 Oct 2022 15:20:15 GMT
x-content-type-options
nosniff
last-modified
Fri, 09 Jul 2021 03:27:45 GMT
server
nginx
etag
"019430226f23bc18"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png>; rel="canonical"
content-length
30480
expires
Sun, 09 Jul 2023 15:27:45 GMT
logo-center-for-cybersecurity.jpg
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/10/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg?resize=290%2C300&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
73cadf4725483d9a9290b8ea3ad87fe2afc746de5f70e89f088a3df9996bd8dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT lhr 6
date
Mon, 31 Oct 2022 15:20:15 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Jul 2021 21:19:07 GMT
server
nginx
etag
"ec322889efafd3c4"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg>; rel="canonical"
content-length
7482
expires
Sun, 09 Jul 2023 09:19:07 GMT
newsletter.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2015/03/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2015/03/newsletter.png?resize=300%2C207&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
8bd198770be5374fbd70821b1ea71c9a40a926f444900632e336625f6c923d1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT lhr 4
date
Mon, 31 Oct 2022 15:20:15 GMT
x-content-type-options
nosniff
last-modified
Fri, 09 Jul 2021 03:27:45 GMT
server
nginx
etag
"c6dd6eaf84242151"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2015/03/newsletter.png>; rel="canonical"
content-length
18600
expires
Sun, 09 Jul 2023 15:27:45 GMT
EU-Blog-e.jpg
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2022/06/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2022/06/EU-Blog-e.jpg?resize=300%2C251&ssl=1
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc
HIT lhr 7
date
Mon, 31 Oct 2022 15:20:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 Jun 2022 21:24:10 GMT
server
nginx
etag
"ff4c05de0413b735"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.co/wordpress/wp-content/uploads/2022/06/EU-Blog-e.jpg>; rel="canonical"
content-length
13098
expires
Sat, 22 Jun 2024 09:24:10 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A11.4&blog=29506073&post=137803&tz=0&srv=securityaffairs.co&host=securityaffairs.co&ref=&fcp=2934&rand=0.31032093192830024
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 Oct 2022 15:20:15 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
flping.php
lg3.media.net/ 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/flping.php?reason=0&action=16&pid=8PO4A4J48&gdpr=1&cid=8CU5BD6EW&crid=
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=21600
Date
Mon, 31 Oct 2022 15:20:16 GMT
Server
Apache
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=30667
Connection
keep-alive
Content-Length
15
pview
l.sharethis.com/ 		0
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1667229615711.26829&hostname=securityaffairs.co&location=%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&title=BlackByte%C2%A0ransomware%20group%20hit%20Asahi%20Group%20Holdings%2C%20a%20precision%20metal%20manufacturing%20and%20metal%20solution%20providerSecurity%20Affairs&sop=false&description=The%20BlackByte%C2%A0ransomware%20group%20claims%20to%20have%20compromised%20Asahi%20Group%20Holdings%2C%20a%20precision%20metal%20manufacturing%20and%20metal%20solution%20provider.%20Asahi%20Group%20Holdings%2C%20Ltd.%20is%20a%20precision%20metal%20manufacturing%20and%20metal%20solution%20provider%2C%20for%20more%20than%2040%20years%2C%20the%20company%20has%20been%20delivering%20end-to-end%20services%20in%20the%20industries%20of%20precision%20metals%20and%20thin-film%20coatings%20with%20different%20teams%20%5B%E2%80%A6%5D&description=The%20BlackByte%C2%A0ransomware%20group%20claims%20to%20have%20compromised%20Asahi%20Group%20Holdings%2C%20a%20precision%20metal%20manufacturing%20and%20metal%20solution%20provider.%20Asahi%20Group%20Holdings%2C%20Ltd.%20is%20a%20precision%20metal%20manufacturing%20and%20metal%20solution%20provider%2C%20for%20more%20than%2040%20years%2C%20the%20company%20has%20been%20delivering%20end-to-end%20services%20in%20the%20industries%20of%20precision%20metals%20and%20thin-film%20coatings%20with%20different%20teams%20%5B%E2%80%A6%5D&img_pview=true
Requested by
Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.228.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-228-5.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 15:20:15 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 31 Oct 2022 15:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
262
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 31 Oct 2022 17:15:54 GMT
js
www.googletagmanager.com/gtag/ 		176 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8ZWTX5HC4Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c4e66e9b98c8afe944dd5e02641f05fd65a22e791164b9d824f20f742e16bbe2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66422
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 31 Oct 2022 15:20:15 GMT
js
www.googletagmanager.com/gtag/ 		211 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPJ653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
922ece4590256688b382f0a5f6ec2e251ffbef50ee7432a49e75026330979dca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75766
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 31 Oct 2022 15:20:15 GMT
collect
region1.google-analytics.com/g/ 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P62M3QN974&gtm=2oeaq0&_p=103103888&cid=1736302110.1667229616&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667229616&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&dt=BlackByte%C2%A0ransomware%20group%20hit%20Asahi%20Group%20Holdings%2C%20a%20precision%20metal%20manufacturing%20and%20metal%20solution%20providerSecurity%20Affairs&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P62M3QN974&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8ZWTX5HC4Z&gtm=2oeaq0&_p=103103888&gdid=dZTNiMT&cid=1736302110.1667229616&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667229616&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&dt=BlackByte%C2%A0ransomware%20group%20hit%20Asahi%20Group%20Holdings%2C%20a%20precision%20metal%20manufacturing%20and%20metal%20solution%20providerSecurity%20Affairs&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8ZWTX5HC4Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=103103888&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&ul=en-us&de=UTF-8&dt=BlackByte%C2%A0ransomware%20group%20hit%20Asahi%20Group%20Holdings%2C%20a%20precision%20metal%20manufacturing%20and%20metal%20solution%20providerSecurity%20Affairs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=433197007&gjid=1444285340&cid=1736302110.1667229616&tid=UA-59069958-1&_gid=194442317.1667229616&_r=1&gtm=2ouaq0&did=dZTNiMT&gdid=dZTNiMT&z=986235054
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
hb_v2.js
cdn.pixfuture.com/ 		36 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/hb_v2.js
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9115cb59149c9fb53ef9be2a565f459bfe487ad880b0be6c82cd02797cdc811

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:16 GMT
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 27 Oct 2022 16:28:55 GMT
server
cloudflare
age
86850
etag
W/"635ab1c7-9020"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WId9ggLGgRR0yMOBKXyHjJCc2L5JSBH%2Fv9caIZMXGqvugN0SsuYwY5HlS75u%2FBwKmX8kGh6P73nMh8MpwmDp2w5DzlT6qpORqqIkT%2BxIqxIfsWkUFg%2BD6qZnkdinEQJO6czp6qKrcjVGK0nzQF%2BX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=172800, no-transform
cf-ray
762d5fb0e84cd168-LHR
expires
Tue, 01 Nov 2022 15:12:39 GMT
pbix.js
cdn.pixfuture.com/ 		395 KB
396 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pbix.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf927c4e61681bb6f40d5a1d2be968567eb720a667d6c259db51332884e06d91

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:16 GMT
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 15 Sep 2022 14:24:21 GMT
server
cloudflare
age
86854
cf-polished
origSize=405747
etag
W/"63233595-630f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BE2A%2BPNXJHKc85JdttRh67J4vTm84TAiHyoafPrHpQgMPgtFSEGIIUDsn2NaVV4T9assDiMMjo2zgjN7DJbdLHy4zJbhnYkZx6o0IlAdUTFhK3eckcEeg5%2FTYCxpuiHYoqMAhfEaZkJIxgY4ax3c"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
cf-ray
762d5fb1390ed168-LHR
expires
Tue, 01 Nov 2022 15:12:39 GMT
r.js
aa.agkn.com/adscores/ 		0
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.145.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-145-65.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:16 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
0
expires
0
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		12 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24274x728x90x4142x_ADSLOT1&keywords=blackbytenbspransomware,group,hit,asahi,group,holdings,precision,metal,manufacturing,metal,solution,providersecurity,affairs&refUrl=&refresh=false&innerWidth=1600
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
6ca415c9a8f192c250211ea992ee493ccfdf437b9803518f6e5ac7e318e881d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:17 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		10 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24270x300x250x4142x_ADSLOT1&keywords=blackbytenbspransomware,group,hit,asahi,group,holdings,precision,metal,manufacturing,metal,solution,providersecurity,affairs&refUrl=&refresh=false&innerWidth=1600
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
323487f697275db6c264c80af0ffcda07ad10a6be21ab9395fd70991575bf622

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:17 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		10 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24272x320x50x4142x_ADSLOT1&keywords=blackbytenbspransomware,group,hit,asahi,group,holdings,precision,metal,manufacturing,metal,solution,providersecurity,affairs&refUrl=&refresh=false&innerWidth=1600
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
b42aa70dfb3374a1ca8fb1f19fb4babe128da97218325f7f2db8771f324bcac7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:17 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		10 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24272x320x50x4142x_ADSLOT1&keywords=blackbytenbspransomware,group,hit,asahi,group,holdings,precision,metal,manufacturing,metal,solution,providersecurity,affairs&refUrl=&refresh=false&innerWidth=1600
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
b42aa70dfb3374a1ca8fb1f19fb4babe128da97218325f7f2db8771f324bcac7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:17 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
flping.php
lg3.media.net/ 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/flping.php?reason=0&action=16&pid=8PO4A4J48&gdpr=1&cid=8CU5BD6EW&crid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=21600
Date
Mon, 31 Oct 2022 15:20:16 GMT
Server
Apache
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=30667
Connection
keep-alive
Content-Length
15
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://securityaffairs.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 31 Oct 2022 15:20:17 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
429669
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=IxpiEnx1REg5Q1psOG1icWRqanlUMlkvMTNNQlBNTDN4Q044aXU2TUdFTEVaSk83Smo5dmo0cURUVGRaOGRLeFpMRERuWnczL1VodkNUZk9GNDhxR0xNeXJla25IeHpyczY0UDFRemZaaTJhK1VGRk5BSGtuZytTeWw0N3...
359 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=IxpiEnx1REg5Q1psOG1icWRqanlUMlkvMTNNQlBNTDN4Q044aXU2TUdFTEVaSk83Smo5dmo0cURUVGRaOGRLeFpMRERuWnczL1VodkNUZk9GNDhxR0xNeXJla25IeHpyczY0UDFRemZaaTJhK1VGRk5BSGtuZytTeWw0N3A3Zk4wYUozYWp6Q3Y5WVJISGFiTnlzd3h6eFlCaWNZNGFjS3dQUFhEOHZkajNJTENLdGZ2Y1BQQlF0QURSL0liaUpES3VOeDBOQTJGMTBYOVlDdEVqYWZXWmxaMkgyKytNU1VSZEZnMVM0NTRrNk15cjhhNDN6YTVCdkdFMWE4WVRXNjNBVTU1fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
66f68c707df554d1b5daac682b2af0a28032aa41336b7ed2003a8571310a2afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1059509
expires
0

Redirect headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=IxpiEnx1REg5Q1psOG1icWRqanlUMlkvMTNNQlBNTDN4Q044aXU2TUdFTEVaSk83Smo5dmo0cURUVGRaOGRLeFpMRERuWnczL1VodkNUZk9GNDhxR0xNeXJla25IeHpyczY0UDFRemZaaTJhK1VGRk5BSGtuZytTeWw0N3A3Zk4wYUozYWp6Q3Y5WVJISGFiTnlzd3h6eFlCaWNZNGFjS3dQUFhEOHZkajNJTENLdGZ2Y1BQQlF0QURSL0liaUpES3VOeDBOQTJGMTBYOVlDdEVqYWZXWmxaMkgyKytNU1VSZEZnMVM0NTRrNk15cjhhNDN6YTVCdkdFMWE4WVRXNjNBVTU1fA&cppv=2
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
570612
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
140e17bdd8186191131c02a6da856adbda9a3d9b961f994407e67f4caeca48e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Mon, 31 Oct 2022 15:20:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		63 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=yoni5uv&fmt=json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
ad0bb9ae5403f4dcd536b469b0400c1ab15d8492afc345d9e6bc5f053cde0dcc

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Oct 2022 15:20:17 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 30 Nov 2022 15:20:17 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=27578926%2C27578926&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
0
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
Protocol
HTTP/1.1
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 15:20:17 GMT
AN-X-Request-Uuid
f5cb5872-8035-4e27-a73b-ed9fe8132a2a
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 15:20:17 GMT
AN-X-Request-Uuid
e9bf3c60-75fc-49da-99cd-4ea3a2bbac3c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
Connection
keep-alive
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=27578935%2C27578935&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578935%252C27578935%26t%3D1
0
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578935%252C27578935%26t%3D1
Protocol
HTTP/1.1
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 15:20:17 GMT
AN-X-Request-Uuid
4a380d0d-8a25-4f29-bb9c-e668a30c9092
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 15:20:17 GMT
AN-X-Request-Uuid
c105fd6d-019a-4921-9cc1-be09f1f00432
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578935%252C27578935%26t%3D1
Connection
keep-alive
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
2097263f6f5a3e183ab35cd60a00a7d3d289b5f0437a2c20fad1e2832ca53978
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Mon, 31 Oct 2022 15:20:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
529.json
id5-sync.com/g/v2/ 		216 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/529.json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
b4d0bc62b8d78ed6555fb618251c2764e6d6854533da3ba76ad208acc2a2162e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Mon, 31 Oct 2022 15:20:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://securityaffairs.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://securityaffairs.co
access-control-max-age
600
age
0
content-length
0
date
Mon, 31 Oct 2022 15:20:18 GMT
server
ATS/9.1.10.25
cookie_sync
prebidserver.pixfuture.com/ 		523 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/cookie_sync
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
f20d84a221b370cf772dde00a1285d193ae3ca2ef6fc84f19d29b7735b07b92e

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
523
expires
0
auction
prebidserver.pixfuture.com/openrtb2/ 		277 B
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
08e441689be2247c4eb0935b76ba772829f06a73aad0ae14b53665e6a40c2138

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
277
expires
0
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.38.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-38-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Mon, 31 Oct 2022 15:20:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
prg.smartadserver.com/prebid/ 		171 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e027a712b4c838c1ca6839fb7592fe7e6a4e22b291ea190889ea1d2db4ac6cda

Request headers

Referer
https://securityaffairs.co/
x-openrtb-version
2.5
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 31 Oct 2022 15:20:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
content-length
66
hb
ssc.33across.com/api/v1/ 		87 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
f543bb6d5ad9236faca29fde5bdc1f31a61cf0afcb20741a439e7c8e86be84b7

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bid
ap.lijit.com/rtb/ 		94 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
bd95e27ed3863b379998bcd9b85fd1e0a1f41eaef425cfd14e09bab01244c7b7

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 31 Oct 2022 15:20:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
fastlane.json
fastlane.rubiconproject.com/a/api/ 		283 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=2&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,43c49c07-8c75-48f7-a04e-664546e5ba56,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=45b094c7-bd19-4ae3-af4a-202dfe799505%5E1&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&tk_flint=pbjs_lite_v7.16.0-pre&x_source.tid=adb633f4-c3b7-473c-9d38-d46ad7f26de8&l_pb_bid_id=16eb45f0b742a4&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2382447201882163
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7b3a787dc7fd0fdae75d31f5e5dd846b8112412e009c8606a0bb9850d9fb6ff0

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 15:20:18 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ 		95 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2218e0b67b9ed015b%22%3A%22951d83dd852c9348161e%7C728x90%7Cf%3D0.3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&s=78fe5ea7-3390-4828-a66d-5a8baea13b08&pv=9eb3105c-0eea-46cd-b43a-f91a776c41fa&vp=desktop&lib_name=prebid&lib_v=7.16.0-pre&us=0&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%2C%22rid%22%3A%2243c49c07-8c75-48f7-a04e-664546e5ba56%22%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22pubcid%22%3A%2245b094c7-bd19-4ae3-af4a-202dfe799505%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2245b094c7-bd19-4ae3-af4a-202dfe799505%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=blackbytenbspransomware%2Cgroup%2Chit%2Casahi%2Cgroup%2Choldings%2Cprecision%2Cmetal%2Cmanufacturing%2Cmetal%2Csolution%2Cprovidersecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
f48cd30d129c7b7d4fb6460753e1ad27d4ce791686787e5521e1ffb741fd00d7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-120
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
120
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		256 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b9619c0bdb9e3a907c802c92acfcccd824da971963fd70d27ab3d8f85335422d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 15:20:18 GMT
AN-X-Request-Uuid
ddb5bb54-c446-4081-92a3-73e63c7a36ac
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
256
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
922 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8fc785143656694f46ec30d15c0a73e1fe1a0edee8b4dee8decbd822120b34e4

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
/
hb.emxdgt.com/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1667229618510&src=pbjs
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.157.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-157-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Mon, 31 Oct 2022 15:20:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Mon, 31 Oct 2022 15:20:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
pixfuture2-d.openx.net/w/1.0/ 		73 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=adb633f4-c3b7-473c-9d38-d46ad7f26de8&nocache=1667229618514&id5id=0&pubcid=45b094c7-bd19-4ae3-af4a-202dfe799505&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C43c49c07-8c75-48f7-a04e-664546e5ba56%2C%2C&aus=728x90&divids=24274x728x90x4142x_ADSLOT1&aucs=&auid=540580842&tps=bXlrZXl3b3JkPWJsYWNrYnl0ZW5ic3ByYW5zb213YXJlLGdyb3VwLGhpdCxhc2FoaSxncm91cCxob2xkaW5ncyxwcmVjaXNpb24sbWV0YWwsbWFudWZhY3R1cmluZyxtZXRhbCxzb2x1dGlvbixwcm92aWRlcnNlY3VyaXR5LGFmZmFpcnMmbXlvdGhlcmtleXdvcmQ9YmxhY2tieXRlbmJzcHJhbnNvbXdhcmUsZ3JvdXAsaGl0LGFzYWhpLGdyb3VwLGhvbGRpbmdzLHByZWNpc2lvbixtZXRhbCxtYW51ZmFjdHVyaW5nLG1ldGFsLHNvbHV0aW9uLHByb3ZpZGVyc2VjdXJpdHksYWZmYWlycw%3D%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d727ca15ce0dfe19332eec36b5e6c6192247d3f6468bb9aafddeac238acd0a2a

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=IxpiEnx1REg5Q1psOG1icWRqanlUMlkvMTNNQlBNTDN4Q044aXU2TUdFTEVaSk83Smo5dmo0cURUVGRaOGRLeFpMRERuWnczL1VodkNUZk9GNDhxR0xNeXJla25IeHpyczY0UDFRemZaaTJhK1VGRk5BSGtuZytTeWw0N3A3Zk4wYUozYWp6Q3Y5WVJISGFiTnlzd3h6eFlCaWNZNGFjS3dQUFhEOHZkajNJTENLdGZ2Y1BQQlF0QURSL0liaUpES3VOeDBOQTJGMTBYOVlDdEVqYWZXWmxaMkgyKytNU1VSZEZnMVM0NTRrNk15cjhhNDN6YTVCdkdFMWE4WVRXNjNBVTU1fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 31 Oct 2022 15:20:17 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
396423
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
auction
prebidserver.pixfuture.com/openrtb2/ 		277 B
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
fd3797f996f8945636abd5640a215b3168a6914fd02fa327c5c963d2e5b87acd

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
277
expires
0
v1
prg.smartadserver.com/prebid/ 		171 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ 		95 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22383efa01157b5ce%22%3A%22277a716b3c3b01668abf%7C320x50%7Cf%3D0.3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&s=03edb624-5986-424b-b84f-e26785bc2181&pv=9eb3105c-0eea-46cd-b43a-f91a776c41fa&vp=desktop&lib_name=prebid&lib_v=7.16.0-pre&us=0&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%2C%22rid%22%3A%2243c49c07-8c75-48f7-a04e-664546e5ba56%22%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22pubcid%22%3A%2245b094c7-bd19-4ae3-af4a-202dfe799505%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2245b094c7-bd19-4ae3-af4a-202dfe799505%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=blackbytenbspransomware%2Cgroup%2Chit%2Casahi%2Cgroup%2Choldings%2Cprecision%2Cmetal%2Cmanufacturing%2Cmetal%2Csolution%2Cprovidersecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
14a7e1756ccfd4d2b7b52aced206cc263e338034dc1d727374dbadddd03b0df4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-66
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
120
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1f36e7aae8fe3202839545f7bf1b94ba1c61e9a07cdf9ed21271cb84f00f50a3

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
bid
ap.lijit.com/rtb/ 		94 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a4941d4108a3026b2ed4076f9567e4a4ff693f4081d64d394bf497a39a59b1cd

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 31 Oct 2022 15:20:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
73f589950075910eafb3bc61bb0fb3310aae2119ee58a784aa12a3658bed2294

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
hb.emxdgt.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1667229618692&src=pbjs
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.157.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-157-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Mon, 31 Oct 2022 15:20:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
v1
btlr.sharethrough.com/universal/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.38.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-38-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Mon, 31 Oct 2022 15:20:18 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		256 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ec1529bf0d8ff46c9fe82d9b06670087acdd52acab1c61770316aee466f42ace
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 15:20:18 GMT
AN-X-Request-Uuid
a7cade96-5852-4efa-bc41-7947933d61cc
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
256
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
pixfuture2-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a024ed36-2f48-4fa9-a899-760e6e0473ad&nocache=1667229618694&id5id=0&pubcid=45b094c7-bd19-4ae3-af4a-202dfe799505&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C43c49c07-8c75-48f7-a04e-664546e5ba56%2C%2C&aus=320x50&divids=24272x320x50x4142x_ADSLOT1&aucs=&auid=540580841&tps=bXlrZXl3b3JkPWJsYWNrYnl0ZW5ic3ByYW5zb213YXJlLGdyb3VwLGhpdCxhc2FoaSxncm91cCxob2xkaW5ncyxwcmVjaXNpb24sbWV0YWwsbWFudWZhY3R1cmluZyxtZXRhbCxzb2x1dGlvbixwcm92aWRlcnNlY3VyaXR5LGFmZmFpcnMmbXlvdGhlcmtleXdvcmQ9YmxhY2tieXRlbmJzcHJhbnNvbXdhcmUsZ3JvdXAsaGl0LGFzYWhpLGdyb3VwLGhvbGRpbmdzLHByZWNpc2lvbixtZXRhbCxtYW51ZmFjdHVyaW5nLG1ldGFsLHNvbHV0aW9uLHByb3ZpZGVyc2VjdXJpdHksYWZmYWlycw%3D%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
cdd4aa3416d572ef8ca293452ccd51ce832333c50b29d31ebb8273a0ff3d83b2

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		284 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=43&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,43c49c07-8c75-48f7-a04e-664546e5ba56,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=45b094c7-bd19-4ae3-af4a-202dfe799505%5E1&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&tk_flint=pbjs_lite_v7.16.0-pre&x_source.tid=a024ed36-2f48-4fa9-a899-760e6e0473ad&l_pb_bid_id=552c78e6e8b7008&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6500545746226889
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
23eb6718857f575ed3d4fba32e695f29886e8b00fd83f412aad80a61763650b7

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 15:20:18 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
284
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Mon, 31 Oct 2022 15:20:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
onetag-sys.com/usync/ Frame F4C3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://securityaffairs.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://securityaffairs.co
access-control-max-age
600
age
0
content-length
0
date
Mon, 31 Oct 2022 15:20:18 GMT
server
ATS/9.1.10.25
auction
prebidserver.pixfuture.com/openrtb2/ 		277 B
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
4f7c8ea8ba445d34b8481fcf55e065efa18d01467b84e6c115ba60a03e023f23

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
277
expires
0
v1
prg.smartadserver.com/prebid/ 		171 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
arj
pixfuture2-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=76096e29-8d92-48ca-abfe-30447a1ec40e&nocache=1667229618858&criteoid=IZPmaV9QMGV2bHN6dlhhTFBEb0hLcVZ6Q3JPME55UzZ4Yk9IWjhsbjRPTTZidlJpWnpuRE9yJTJGcFQlMkJoTXl1VUF4N3ElMkZwWEcydlZJUGJ1JTJGemExT0NEdlNKaU1BJTNEJTNE&id5id=0&pubcid=45b094c7-bd19-4ae3-af4a-202dfe799505&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C43c49c07-8c75-48f7-a04e-664546e5ba56%2C%2C&aus=320x50&divids=24272x320x50x4142x_ADSLOT1&aucs=&auid=540580841&tps=bXlrZXl3b3JkPWJsYWNrYnl0ZW5ic3ByYW5zb213YXJlLGdyb3VwLGhpdCxhc2FoaSxncm91cCxob2xkaW5ncyxwcmVjaXNpb24sbWV0YWwsbWFudWZhY3R1cmluZyxtZXRhbCxzb2x1dGlvbixwcm92aWRlcnNlY3VyaXR5LGFmZmFpcnMmbXlvdGhlcmtleXdvcmQ9YmxhY2tieXRlbmJzcHJhbnNvbXdhcmUsZ3JvdXAsaGl0LGFzYWhpLGdyb3VwLGhvbGRpbmdzLHByZWNpc2lvbixtZXRhbCxtYW51ZmFjdHVyaW5nLG1ldGFsLHNvbHV0aW9uLHByb3ZpZGVyc2VjdXJpdHksYWZmYWlycw%3D%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
063c153dc66e320d3d8f3201d5cf713dced99cc94413f15995d40e3209f398ed

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.38.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-38-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Mon, 31 Oct 2022 15:20:19 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		284 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=43&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,43c49c07-8c75-48f7-a04e-664546e5ba56,,&eid_criteo.com=IZPmaV9QMGV2bHN6dlhhTFBEb0hLcVZ6Q3JPME55UzZ4Yk9IWjhsbjRPTTZidlJpWnpuRE9yJTJGcFQlMkJoTXl1VUF4N3ElMkZwWEcydlZJUGJ1JTJGemExT0NEdlNKaU1BJTNEJTNE%5E1&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=45b094c7-bd19-4ae3-af4a-202dfe799505%5E1&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&tk_flint=pbjs_lite_v7.16.0-pre&x_source.tid=76096e29-8d92-48ca-abfe-30447a1ec40e&l_pb_bid_id=7152ce6c63b3e7&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.43063090030453854
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bc9093dd76c8bf5a733b0b381f2b433d351e7d73bb22433012cf19904df6c8c1

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 15:20:18 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
284
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		1 KB
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ee888a9bade44b5862cbee741a42f6b681b346277c20200717dc6d3b791f3008

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
prebid
ib.adnxs.com/ut/v3/ 		249 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
89a8eaa0207aa0471067c8a1ae6dc174aa36899efee860ba6d83a123e916186c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 15:20:18 GMT
AN-X-Request-Uuid
c164f664-490b-4abe-ac23-869b686684e1
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
249
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		95 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22785090074351616%22%3A%22277a716b3c3b01668abf%7C320x50%7Cf%3D0.3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&s=401f5820-dc6d-4d56-aaa4-4e7c1f0b9320&pv=9eb3105c-0eea-46cd-b43a-f91a776c41fa&vp=desktop&lib_name=prebid&lib_v=7.16.0-pre&us=0&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%2C%22rid%22%3A%2243c49c07-8c75-48f7-a04e-664546e5ba56%22%7D%5D%7D&userid=%7B%22criteoId%22%3A%22IZPmaV9QMGV2bHN6dlhhTFBEb0hLcVZ6Q3JPME55UzZ4Yk9IWjhsbjRPTTZidlJpWnpuRE9yJTJGcFQlMkJoTXl1VUF4N3ElMkZwWEcydlZJUGJ1JTJGemExT0NEdlNKaU1BJTNEJTNE%22%2C%22id5id%22%3A%220%22%2C%22pubcid%22%3A%2245b094c7-bd19-4ae3-af4a-202dfe799505%22%7D&eids=%5B%7B%22source%22%3A%22criteo.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22IZPmaV9QMGV2bHN6dlhhTFBEb0hLcVZ6Q3JPME55UzZ4Yk9IWjhsbjRPTTZidlJpWnpuRE9yJTJGcFQlMkJoTXl1VUF4N3ElMkZwWEcydlZJUGJ1JTJGemExT0NEdlNKaU1BJTNEJTNE%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2245b094c7-bd19-4ae3-af4a-202dfe799505%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=blackbytenbspransomware%2Cgroup%2Chit%2Casahi%2Cgroup%2Choldings%2Cprecision%2Cmetal%2Cmanufacturing%2Cmetal%2Csolution%2Cprovidersecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
bf594b85b1bc78cc4cf28e80ffaf7eb26fcf5f461bbf9c5c9013fa5c4305d245
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-33
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
120
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
4ca76823bb8f1852fefde396d2f4456b681f481997d8aea69d15e407f61e39bb

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bid
ap.lijit.com/rtb/ 		94 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
527836bee08bb8c8476114ab8f7f03f399432c0bd45a413caad947e8d8e85bf3

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 31 Oct 2022 15:20:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Mon, 31 Oct 2022 15:20:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
hb.emxdgt.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1667229618865&src=pbjs
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.157.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-157-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Mon, 31 Oct 2022 15:20:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
auction
prebidserver.pixfuture.com/openrtb2/ 		276 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e5a9991d5eb94cf08169e20f3a3a7ba3acbae49180b03f83fc77d90fd039f7e8

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
276
expires
0
prebid
ib.adnxs.com/ut/v3/ 		250 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
32ee9bc7258da5b092e165a660bd4ed80bd4a6e6bf5ae7e8f28fbdcfdf6cf9d6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 15:20:18 GMT
AN-X-Request-Uuid
fadded3b-f79b-44eb-b86b-8f924cfc585e
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://securityaffairs.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
pixfuture2-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=eddf3f04-cd74-4a11-9f84-1d1013230423&nocache=1667229618870&criteoid=IZPmaV9QMGV2bHN6dlhhTFBEb0hLcVZ6Q3JPME55UzZ4Yk9IWjhsbjRPTTZidlJpWnpuRE9yJTJGcFQlMkJoTXl1VUF4N3ElMkZwWEcydlZJUGJ1JTJGemExT0NEdlNKaU1BJTNEJTNE&id5id=0&pubcid=45b094c7-bd19-4ae3-af4a-202dfe799505&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C43c49c07-8c75-48f7-a04e-664546e5ba56%2C%2C&aus=300x250&divids=24270x300x250x4142x_ADSLOT1&aucs=&auid=540580840&tps=bXlrZXl3b3JkPWJsYWNrYnl0ZW5ic3ByYW5zb213YXJlLGdyb3VwLGhpdCxhc2FoaSxncm91cCxob2xkaW5ncyxwcmVjaXNpb24sbWV0YWwsbWFudWZhY3R1cmluZyxtZXRhbCxzb2x1dGlvbixwcm92aWRlcnNlY3VyaXR5LGFmZmFpcnMmbXlvdGhlcmtleXdvcmQ9YmxhY2tieXRlbmJzcHJhbnNvbXdhcmUsZ3JvdXAsaGl0LGFzYWhpLGdyb3VwLGhvbGRpbmdzLHByZWNpc2lvbixtZXRhbCxtYW51ZmFjdHVyaW5nLG1ldGFsLHNvbHV0aW9uLHByb3ZpZGVyc2VjdXJpdHksYWZmYWlycw%3D%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
52e7c139f6131f01e3e8a801ea72ba21fab585fbd68804d251c7cd70b15c0430

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://securityaffairs.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7dc36daee2bbec7c232f100706699ba723721cf983cd63b837b4f0fb1980a93b

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
fastlane.json
fastlane.rubiconproject.com/a/api/ 		284 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=378734&zone_id=2094440&size_id=15&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4142,1,43c49c07-8c75-48f7-a04e-664546e5ba56,,&eid_criteo.com=IZPmaV9QMGV2bHN6dlhhTFBEb0hLcVZ6Q3JPME55UzZ4Yk9IWjhsbjRPTTZidlJpWnpuRE9yJTJGcFQlMkJoTXl1VUF4N3ElMkZwWEcydlZJUGJ1JTJGemExT0NEdlNKaU1BJTNEJTNE%5E1&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=45b094c7-bd19-4ae3-af4a-202dfe799505%5E1&rf=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&tk_flint=pbjs_lite_v7.16.0-pre&x_source.tid=eddf3f04-cd74-4a11-9f84-1d1013230423&l_pb_bid_id=1002d2a619d91b75&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5612188437413324
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
387d3c0275e193a5f80298e97d13126bfc44df241a011890710908f32329672c

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 15:20:18 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
284
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.38.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-38-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Mon, 31 Oct 2022 15:20:19 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
/
hb.emxdgt.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1667229618872&src=pbjs
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.157.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-157-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Mon, 31 Oct 2022 15:20:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.co
date
Mon, 31 Oct 2022 15:20:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5fa9a8fca62aadd884d5547a4e98471bdf938962dafebdb15a99e3b5b5c647e9

Request headers

Referer
https://securityaffairs.co/
x-openrtb-version
2.5
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 31 Oct 2022 15:20:18 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
content-length
66
v1
prg.smartadserver.com/prebid/ 		171 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
29dcb51c76ad3e3a3146479aec362dd5c91ba176acb3497d7babf2357dc65337

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://securityaffairs.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
trinity.json
apex.go.sonobi.com/ 		96 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22114bac8db1858057%22%3A%22833199e4bd4003904bc3%7C300x250%7Cf%3D0.3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&s=f2791d1f-d2e2-464f-88b3-a2f683856e98&pv=9eb3105c-0eea-46cd-b43a-f91a776c41fa&vp=desktop&lib_name=prebid&lib_v=7.16.0-pre&us=0&fpd=%7B%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%2C%22rid%22%3A%221b6d0aa2-53a9-4fa4-b340-3962dbc60f0d%22%7D%5D%7D&userid=%7B%22criteoId%22%3A%22IZPmaV9QMGV2bHN6dlhhTFBEb0hLcVZ6Q3JPME55UzZ4Yk9IWjhsbjRPTTZidlJpWnpuRE9yJTJGcFQlMkJoTXl1VUF4N3ElMkZwWEcydlZJUGJ1JTJGemExT0NEdlNKaU1BJTNEJTNE%22%2C%22id5id%22%3A%220%22%2C%22pubcid%22%3A%2245b094c7-bd19-4ae3-af4a-202dfe799505%22%7D&eids=%5B%7B%22source%22%3A%22criteo.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22IZPmaV9QMGV2bHN6dlhhTFBEb0hLcVZ6Q3JPME55UzZ4Yk9IWjhsbjRPTTZidlJpWnpuRE9yJTJGcFQlMkJoTXl1VUF4N3ElMkZwWEcydlZJUGJ1JTJGemExT0NEdlNKaU1BJTNEJTNE%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2245b094c7-bd19-4ae3-af4a-202dfe799505%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=blackbytenbspransomware%2Cgroup%2Chit%2Casahi%2Cgroup%2Choldings%2Cprecision%2Cmetal%2Cmanufacturing%2Cmetal%2Csolution%2Cprovidersecurity%2Caffairs&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
ce212b08abcb48a556d7236410a7b428a5c5b55968011954497f47550e85fc86
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:18 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-120
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://securityaffairs.co
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
121
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		95 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a6012b01ec3c9e9ee6572213682a99764cddfa25fbb874332ea635624a561c7f

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 31 Oct 2022 15:20:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://securityaffairs.co
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame FB9A 		122 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dceb0c8604e4f625f4700085b736d8718eefceff81855c9c550bf522c787dbae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40206
x-xss-protection
0
server
cafe
etag
10485946412550780792
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 31 Oct 2022 15:20:19 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:19 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 02 Nov 2022 15:20:19 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame E058 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a296a31900542f9dcf44a6c93b194b8b7f2557a6be6567431ae2e6bbc94d77d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40209
x-xss-protection
0
server
cafe
etag
5531299425913081112
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 31 Oct 2022 15:20:19 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:19 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 02 Nov 2022 15:20:19 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame E40B 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dceb0c8604e4f625f4700085b736d8718eefceff81855c9c550bf522c787dbae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40206
x-xss-protection
0
server
cafe
etag
10485946412550780792
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 31 Oct 2022 15:20:19 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:19 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 02 Nov 2022 15:20:19 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/ Frame FB9A 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d68c5281ab220e603e41b35fae23e39be0398b9d19c5711745b651eb79384e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118892
x-xss-protection
0
server
cafe
etag
13162490174458228372
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 31 Oct 2022 15:20:19 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/ Frame E058 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070591
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1bbac2dbf4b744dacdb7f1ad6ee83a4a24c570590e4de2ea6526eacb91d36a8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119020
x-xss-protection
0
server
cafe
etag
16653032357122374897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 31 Oct 2022 15:20:19 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/ Frame E40B 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6c9565b94778b4877d033b1dcb3c12d1a7fa1b6a1a57723a0bded91361ab34b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118886
x-xss-protection
0
server
cafe
etag
16633070805520652035
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 31 Oct 2022 15:20:19 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame E058 		403 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070591
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6888c7287cc86d7199b1e28a3d89c51b81ed336c216b16f48ebc001ee9517ee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame E058 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070591
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E058 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070591
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6DB2 		78 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=Internal_728x90_0.10&adk=1194620937&adf=1480696135&pi=t.ma~as.Internal_728x90_0.10&w=728&lmt=1667229619&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667229619214&bpp=10&bdt=238&idt=308&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4138159051532&frm=21&ife=1&pv=2&ga_vid=1736302110.1667229616&ga_sid=1667229620&ga_hid=653146384&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=520&biw=1600&bih=1200&isw=728&ish=90&ifk=3219251258&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44775016&oid=2&pvsid=3109044028026604&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3hvaqfomy9en&fsb=1&xpc=Ww048jgens&p=https%3A//securityaffairs.co&dtd=327
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070591
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
523c98c9bfaa711c56168db3bf756ec86ea682977166b153ccb779a23946a773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
26311
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 31 Oct 2022 15:20:20 GMT
expires
Mon, 31 Oct 2022 15:20:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame FB9A 		403 B
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23db1b3362a8c79e128a508a904da23411a5955cd1384af2d56e1696deba8273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame FB9A 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FB9A 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 42F2 		0
0
cookie.js
partner.googleadservices.com/gampad/ Frame E40B 		403 B
323 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e120d69577762c8ca252e8d9d75a462a72b6e56fc4de3a837383aec266fb9084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
254
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame E40B 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E40B 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D89C 		77 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696132&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1667229619&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667229619233&bpp=4&bdt=154&idt=357&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4138159051532&frm=21&ife=1&pv=1&ga_vid=1736302110.1667229616&ga_sid=1667229620&ga_hid=1774563369&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1903&biw=1600&bih=1200&isw=300&ish=250&ifk=3910786606&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070616%2C44775017&oid=2&pvsid=538666610846286&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.go6j3y8nygnp&btvi=1&fsb=1&xpc=pXlYGJXYM7&p=https%3A//securityaffairs.co&dtd=373
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
78f7073e5d196c226f5713ff7533a4217f6e2df174a19baf9a0b6c6371b0fbac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
27413
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 31 Oct 2022 15:20:20 GMT
expires
Mon, 31 Oct 2022 15:20:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
ads.us.e-planning.net/uspd/1/ Frame C86B
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
1 KB
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
74b0c49288c9ac9d7502df21bf1d5bf7c2c9ebc683bb6e489c49781b6d6b55a2

Request headers

Referer
https://securityaffairs.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 31 Oct 2022 15:20:20 GMT
expires
Mon, 31 Oct 2022 15:20:20 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-927

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Mon, 31 Oct 2022 15:20:20 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-927
sodar
pagead2.googlesyndication.com/getconfig/ Frame FB9A 		0
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 6885 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4473bb2278ce6d0ceebeea7572a0b17f854eefe23a18f5d6b5fa28f3c6260178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40209
x-xss-protection
0
server
cafe
etag
5931625268901709212
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 31 Oct 2022 15:20:19 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:19 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 02 Nov 2022 15:20:19 GMT
vtr.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/vtr.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:20 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 02 Nov 2022 15:20:20 GMT
vtr.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/vtr.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.co/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:20 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 02 Nov 2022 15:20:20 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/ Frame 6885 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070590
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fad1ffbd24fe26fc6566f68d4faeb0b3bf9310e55eea3d7a13ab4531899d12d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118892
x-xss-protection
0
server
cafe
etag
11014024380862723281
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 31 Oct 2022 15:20:20 GMT
ptag
a.audrte.com/ Frame C86B 		0
0
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame C86B 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 30 Oct 2027 15:20:19 GMT
um
u-ams03.e-planning.net/ Frame C86B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D45e4f53c76e97113%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=45e4f53c76e97113&uid=5258165350033671309
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=45e4f53c76e97113&uid=5258165350033671309
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
185.172.90.252 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

server
openresty
date
Mon, 31 Oct 2022 15:20:20 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 15:20:20 GMT
AN-X-Request-Uuid
2d7fdce3-4cae-4ca3-806e-2df6e5e3a1e4
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=45e4f53c76e97113&uid=5258165350033671309
Connection
keep-alive
X-Proxy-Origin
217.138.196.108; 217.138.196.108; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame C86B 		478 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:19 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 30 Oct 2027 15:20:19 GMT
usync.html
eus.rubiconproject.com/ Frame D436
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Oct 2022 15:20:20 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 31 Oct 2022 15:20:20 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame CA8C 		1 KB
987 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 -, , ASN (),
Reverse DNS
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Mon, 31 Oct 2022 15:20:20 GMT
etag
W/"61ddbb71-5f5"
expires
Mon, 21 Jun 2027 11:13:51 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
20.214
x-cf-tsc
1655896432
x-cf1
29080:dB.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
M
x-cff
B
/
spl.zeotap.com/ Frame D164 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
0cad69c9e7445a51b9e153adfd1cbe6ba80b584324a41af0d7dbe94fa5049e81

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
762d5fc619788e09-LHR
content-encoding
br
content-type
text/html
date
Mon, 31 Oct 2022 15:20:20 GMT
server
cloudflare
vary
Origin
via
1.1 google
cookie.js
partner.googleadservices.com/gampad/ Frame 6885 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548&cookie=ID%3Ddd982f205307b32e-22cb99e060ce00d0%3AT%3D1667229619%3ART%3D1667229619%3AS%3DALNI_Ma_H2QbEyVyrJmyTXF03uDvQQuVHg&gpic=UID%3D00000b7aabfb2bfb%3AT%3D1667229619%3ART%3D1667229619%3AS%3DALNI_MbwFLe1AMy_J58IV-Vkm-BHJfAJRg&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070590
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 6885 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070590
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6885 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&bust=31070590
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://securityaffairs.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 17CF 		0
0
getuid
ib.adnxs.com/ Frame D164 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame D164 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
check
pixel.tapad.com/idsync/ex/push/ Frame D164
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
0
0
/
dmp.adform.net/serving/cookie/match/ Frame D164 		0
0
generic
match.adsrvr.org/track/cmf/ Frame D164 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbb42d9a7-ef20-43a9-6b6b-d35e87b226eb%26reqId%3Db3899700-b726-4344-51ba-fef30cae887f%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 31 Oct 2022 15:20:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame D164 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Mon, 31 Oct 2022 15:20:20 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1667229620.329734,VS0,VE9
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-lcy19221-LCY
u
dmp.v.fwmrm.net/ad/ Frame D164 		0
0
mw
mwzeom.zeotap.com/ Frame D164
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=68483568-5C17-45FA-8D72-F94AD693B523&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b38997...
0
0
genericusersync.ashx
sync.tidaltv.com/ Frame D164 		0
0
ibs:dpid=199624&dpuuid=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_c...
dpm.demdex.net/ Frame D164 		0
0
/
loadeu.exelator.com/load/ Frame D164 		0
0
/
dsp.adfarm1.adition.com/cookie/ Frame D164 		0
0
receive
pixel.tapad.com/idsync/ex/ Frame D164 		0
0
ids
idsync.frontend.weborama.fr/ Frame D164 		0
0
getuid
sync.smartadserver.com/ Frame D164 		0
0
tpid=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame D164 		0
0
cms
cms.analytics.yahoo.com/ Frame D164 		0
0
mw
mwzeom.zeotap.com/ Frame D164
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=9MhQKoDjAsuV8yEbij13xYMxSIGmDu1e%2BS41iYitP1U%3D
95 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=9MhQKoDjAsuV8yEbij13xYMxSIGmDu1e%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
762d5fc6ea558e09-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 31 Oct 2022 15:20:20 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=9MhQKoDjAsuV8yEbij13xYMxSIGmDu1e%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame D164 		0
0
usermatch.gif
beacon.krxd.net/ Frame D164 		0
0
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame D164 		0
0
cQZGoH6Q
sync-tm.everesttech.net/upi/pid/ Frame D164 		0
0
v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame D164 		0
0
v2
usermatch.krxd.net/um/ Frame D164 		0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame D164 		0
0
87734
tags.bluekai.com/site/ Frame D164 		0
0
zeo
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/ Frame D164 		0
0
token
pixel.rubiconproject.com/ Frame D164 		0
0
syncd
x.bidswitch.net/ Frame D164 		0
0
84c8dfa227218a7b436003265dc6c69e.js
www.gstatic.com/mysidia/ Frame D89C 		0
0
40f44225e0a1c31e628c89e0882e5f2b.js
www.gstatic.com/mysidia/ Frame D89C 		0
0
css
fonts.googleapis.com/ Frame D89C 		0
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame D89C 		0
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame D89C 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame D89C 		0
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame D89C 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D89C 		119 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=Internal_300x250_0.10&adk=1639670682&adf=1480696132&pi=t.ma~as.Internal_300x250_0._&w=300&lmt=1667229619&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667229619233&bpp=4&bdt=154&idt=357&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4138159051532&frm=21&ife=1&pv=1&ga_vid=1736302110.1667229616&ga_sid=1667229620&ga_hid=1774563369&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=1903&biw=1600&bih=1200&isw=300&ish=250&ifk=3910786606&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070616%2C44775017&oid=2&pvsid=538666610846286&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.go6j3y8nygnp&btvi=1&fsb=1&xpc=pXlYGJXYM7&p=https%3A//securityaffairs.co&dtd=373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 15:20:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Oct 2022 15:20:20 GMT
6d06f43d9219529f87f676616f1c0e3b.js
www.gstatic.com/mysidia/ Frame D89C 		0
0
css
fonts.googleapis.com/ Frame 6DB2 		0
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 6DB2 		0
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 6DB2 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 6DB2 		0
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 6DB2 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6DB2 		0
0
6d06f43d9219529f87f676616f1c0e3b.js
www.gstatic.com/mysidia/ Frame 6DB2 		0
0
usync.js
eus.rubiconproject.com/ Frame D436 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=81cc3f1e67b6f0bd8d3898f302147301
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=81cc3f1e67b6f0bd8d3898f302147301
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=81cc3f1e67b6f0bd8d3898f302147301
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=81cc3f1e67b6f0bd8d3898f302147301
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696134&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667229619&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667229619183&bpp=12&bdt=239&idt=373&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4138159051532&frm=21&ife=1&pv=1&ga_vid=1736302110.1667229616&ga_sid=1667229620&ga_hid=1590757808&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=871&biw=1600&bih=1200&isw=320&ish=50&ifk=3011330007&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775016%2C31069794&oid=2&pvsid=2177527359127643&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.c1nwexi8j9l&fsb=1&xpc=4gQloSYeRl&p=https%3A//securityaffairs.co&dtd=390
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221026&st=env
Domain
a.audrte.com
URL
https://a.audrte.com/ptag?p=M1353665098
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=Internal_320x50_0.10&adk=468307373&adf=1480696133&pi=t.ma~as.Internal_320x50_0.10&w=320&lmt=1667229620&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F137803%2Fcyber-crime%2Fblackbyte-ransomware-asahi-group-holdings.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667229619993&bpp=22&bdt=112&idt=185&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&cookie=ID%3Ddd982f205307b32e-22cb99e060ce00d0%3AT%3D1667229619%3ART%3D1667229619%3AS%3DALNI_Ma_H2QbEyVyrJmyTXF03uDvQQuVHg&gpic=UID%3D00000b7aabfb2bfb%3AT%3D1667229619%3ART%3D1667229619%3AS%3DALNI_MbwFLe1AMy_J58IV-Vkm-BHJfAJRg&correlator=4138159051532&frm=21&ife=1&pv=1&ga_vid=1736302110.1667229616&ga_sid=1667229620&ga_hid=707572272&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=871&biw=1600&bih=1200&isw=320&ish=50&ifk=3011330007&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44770147%2C31070590%2C44774292%2C44775016%2C31069563&oid=2&pvsid=2941154181513852&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7lsubnsqri35&fsb=1&xpc=9vwzwS5sdb&p=https%3A//securityaffairs.co&dtd=207
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbb42d9a7-ef20-43a9-6b6b-d35e87b226eb%26reqId%3Db3899700-b726-4344-51ba-fef30cae887f%26zdid%3D1361
Domain
dmp.adform.net
URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Domain
dmp.v.fwmrm.net
URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Domain
mwzeom.zeotap.com
URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=68483568-5C17-45FA-8D72-F94AD693B523&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=199624&dpuuid=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbb42d9a7-ef20-43a9-6b6b-d35e87b226eb%26reqId%3Db3899700-b726-4344-51ba-fef30cae887f%26zdid%3D1361
Domain
loadeu.exelator.com
URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Domain
dsp.adfarm1.adition.com
URL
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbb42d9a7-ef20-43a9-6b6b-d35e87b226eb%26reqId%3Db3899700-b726-4344-51ba-fef30cae887f%26zdid%3D1361
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb
Domain
idsync.frontend.weborama.fr
URL
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbb42d9a7-ef20-43a9-6b6b-d35e87b226eb%26reqId%3Db3899700-b726-4344-51ba-fef30cae887f%26zdid%3D1361
Domain
sync.smartadserver.com
URL
https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbb42d9a7-ef20-43a9-6b6b-d35e87b226eb%26reqId%3Db3899700-b726-4344-51ba-fef30cae887f%26zdid%3D1361
Domain
bcp.crwdcntrl.net
URL
https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Domain
cms.analytics.yahoo.com
URL
https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Domain
beacon.krxd.net
URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Domain
sync.richaudience.com
URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbb42d9a7-ef20-43a9-6b6b-d35e87b226eb%26reqId%3Db3899700-b726-4344-51ba-fef30cae887f%26zdid%3D1361
Domain
engine.widespace.com
URL
https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Domain
usermatch.krxd.net
URL
https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Domain
tags.bluekai.com
URL
https://tags.bluekai.com/site/87734?id=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Domain
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
URL
https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbb42d9a7-ef20-43a9-6b6b-d35e87b226eb%26reqId%3Db3899700-b726-4344-51ba-fef30cae887f%26zdid%3D1361
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/token?pid=41544&puid=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbb42d9a7-ef20-43a9-6b6b-d35e87b226eb%26reqId%3Db3899700-b726-4344-51ba-fef30cae887f%26zdid%3D1361
Domain
www.gstatic.com
URL
https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019
Domain
www.gstatic.com
URL
https://www.gstatic.com/mysidia/40f44225e0a1c31e628c89e0882e5f2b.js?tag=text/vanilla_highlight
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js
Domain
www.gstatic.com
URL
https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
www.gstatic.com
URL
https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wpemojiSettings undefined| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| mnetCustomerData function| injectMnetScript object| _mNHandle string| medianet_versionId object| stlib boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus boolean| sop_pview_logged string| stWidgetVersion object| stLight boolean| st_showing function| gtag object| dataLayer object| WPCOM_sharing_counts object| click_object object| Main object| BrowserDetect object| mejs function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| MediaElement function| MediaElementPlayer function| $j function| imagePreview object| sharing_js_options object| WPCOMSharing undefined| windowOpen object| _stq object| wp object| twemoji function| st_go function| linktracker_init object| wpcom string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| _mN function| logFailoverPing object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData string| pxft_clear_cache_flag undefined| pxft_first_init_activated object| displayPlacement_PF_script boolean| pixfuture_environment_started function| init_____display____pixfuture boolean| isPending string| prebid_file function| findCMP_PixFuture object| pbjs_pixChunk object| pbjs_pix object| _pbjsGlobals object| mnet object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients

24 Cookies

Domain/Path Name / Value
securityaffairs.co/ Name: cookielawinfo-checkbox-necessary
Value: yes
securityaffairs.co/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
.securityaffairs.co/ Name: _ga_P62M3QN974
Value: GS1.1.1667229616.1.0.1667229616.0.0.0
.securityaffairs.co/ Name: _ga_8ZWTX5HC4Z
Value: GS1.1.1667229616.1.0.1667229616.0.0.0
.securityaffairs.co/ Name: _ga
Value: GA1.2.1736302110.1667229616
.securityaffairs.co/ Name: _gid
Value: GA1.2.194442317.1667229616
.securityaffairs.co/ Name: _gat_gtag_UA_59069958_1
Value: 1
.agkn.com/ Name: ab
Value: 0001%3Ar462s8wEevchiIJS1UQKokwuOdy9wpNz
securityaffairs.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.securityaffairs.co/ Name: _pubcid
Value: 45b094c7-bd19-4ae3-af4a-202dfe799505
securityaffairs.co/ Name: _lr_retry_request
Value: true
securityaffairs.co/ Name: _lr_env_src_ats
Value: false
.adnxs.com/ Name: uuid2
Value: 5258165350033671309
securityaffairs.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-10-31T15%3A20%3A17%22%7D
.adnxs.com/ Name: anj
Value: dTM7k!M4/8D>6NRF']wIg2Ilem_)bC!fss0=Ir4A3KL9D3I?.%=JU#G
.rubiconproject.com/ Name: khaos
Value: L9WXGUZD-7-2APE
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB03wTTVa5Ui2lqbBgMWySGKoH1GQZR6kugTcNOBtGbweNe6OaSakFyKzYmEmZ/QEGXIxIvkAgQ2rTOZUHL6E73cMj20TaXysiPQD5U7tEfUTQ==
.adnxs.com/ Name: icu
Value: ChgI3sJXEAoYASABKAEwss__mgY4AUABSAEQss__mgYYAA..
.securityaffairs.co/ Name: cto_bundle
Value: FHZF8l82NmMza2dUZHVpb2pJSUptMHR0MTl6TmxQTUZVUThGVHVsUVpnVVBoNmVDa1MzSmg1MzdQWHluWVdIZmFaejJkQmM2Z3prcmlxJTJCakE5Vkd4RklZJTJCdG1Gb25ubUF3TmhGZlpiVlhpWGIyTlFSNFh5TDJRQ0tYYzBFVEpOVXRYRTg
.securityaffairs.co/ Name: cto_bidid
Value: IZPmaV9QMGV2bHN6dlhhTFBEb0hLcVZ6Q3JPME55UzZ4Yk9IWjhsbjRPTTZidlJpWnpuRE9yJTJGcFQlMkJoTXl1VUF4N3ElMkZwWEcydlZJUGJ1JTJGemExT0NEdlNKaU1BJTNEJTNE
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB8G
Value: s8533|Y1/nt
.securityaffairs.co/ Name: __gads
Value: ID=dd982f205307b32e-22cb99e060ce00d0:T=1667229619:RT=1667229619:S=ALNI_Ma_H2QbEyVyrJmyTXF03uDvQQuVHg
.securityaffairs.co/ Name: __gpi
Value: UID=00000b7aabfb2bfb:T=1667229619:RT=1667229619:S=ALNI_MbwFLe1AMy_J58IV-Vkm-BHJfAJRg

8 Console Messages

Source Level URL
Text
security error URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html(Line 392)
Message:
Mixed Content: The page at 'https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=81cc3f1e67b6f0bd8d3898f302147301'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html(Line 393)
Message:
Mixed Content: The page at 'https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=81cc3f1e67b6f0bd8d3898f302147301'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html(Line 394)
Message:
Mixed Content: The page at 'https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=81cc3f1e67b6f0bd8d3898f302147301'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html(Line 395)
Message:
Mixed Content: The page at 'https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=81cc3f1e67b6f0bd8d3898f302147301'. This request has been blocked; the content must be served over HTTPS.
javascript error URL: https://securityaffairs.co/wordpress/137803/cyber-crime/blackbyte-ransomware-asahi-group-holdings.html
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694' from origin 'https://securityaffairs.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bb42d9a7-ef20-43a9-6b6b-d35e87b226eb&reqId=b3899700-b726-4344-51ba-fef30cae887f&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ads.us.e-planning.net
adservice.google.co.uk
adservice.google.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
bcp.crwdcntrl.net
beacon.krxd.net
btlr.sharethrough.com
c2shb.pubgw.yahoo.com
cdn.pixfuture.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
contextual.media.net
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
engine.widespace.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
i.e-planning.net
i0.wp.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
l.sharethis.com
lb.eu-1-id5-sync.com
lg3.media.net
loadeu.exelator.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
pixfuture2-d.openx.net
prebid.media.net
prebidserver.pixfuture.com
prg.smartadserver.com
region1.google-analytics.com
s.e-planning.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
securityaffairs.co
served-by.pixfuture.com
spl.zeotap.com
ssc.33across.com
stats.wp.com
sync-tm.everesttech.net
sync.richaudience.com
sync.smartadserver.com
sync.tidaltv.com
tags.bluekai.com
tpc.googlesyndication.com
trc.taboola.com
u-ams03.e-planning.net
usermatch.krxd.net
ws.sharethis.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
a.audrte.com
aax-eu.amazon-adsystem.com
api.rlcdn.com
bcp.crwdcntrl.net
beacon.krxd.net
cms.analytics.yahoo.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
engine.widespace.com
eus.rubiconproject.com
fonts.googleapis.com
googleads.g.doubleclick.net
idsync.frontend.weborama.fr
loadeu.exelator.com
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.tapad.com
sync-tm.everesttech.net
sync.richaudience.com
sync.smartadserver.com
sync.tidaltv.com
tags.bluekai.com
tpc.googlesyndication.com
usermatch.krxd.net
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
137.184.242.150
141.95.33.111
142.250.184.226
162.19.138.116
178.250.0.157
18.198.228.5
185.172.90.249
185.172.90.251
185.172.90.252
185.64.189.112
185.89.210.20
185.89.210.212
192.0.76.3
192.0.77.2
2.18.235.93
2001:4860:4802:32::36
2001:8d8:100f:f000::289
205.234.175.175
23.203.77.3
23.35.228.23
2600:9000:2057:fa00:3:c04e:c780:93a1
2602:803:c004:200::141
2606:4700:10::ac43:db6
2606:4700:20::681a:744
2606:4700::6812:bcf
2a00:1450:4001:801::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2008
2a02:2638::1c
2a04:4e42:400::300
2a04:fa87:fffe::c000:4902
3.248.145.65
3.33.220.150
3.65.157.79
34.107.148.139
34.149.20.76
35.244.159.8
51.89.9.253
52.28.203.152
52.28.38.64
68.183.31.14
69.166.1.8
72.251.249.14
81.17.55.161
96.16.141.156
00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286
00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584
0564cb8ae97e347bee54164eac8198e931e0ed039c2ed5ccb09f2996e72dc245
063c153dc66e320d3d8f3201d5cf713dced99cc94413f15995d40e3209f398ed
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
08e441689be2247c4eb0935b76ba772829f06a73aad0ae14b53665e6a40c2138
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878
0cad69c9e7445a51b9e153adfd1cbe6ba80b584324a41af0d7dbe94fa5049e81
0d68c5281ab220e603e41b35fae23e39be0398b9d19c5711745b651eb79384e0
0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742
140e17bdd8186191131c02a6da856adbda9a3d9b961f994407e67f4caeca48e5
14a7e1756ccfd4d2b7b52aced206cc263e338034dc1d727374dbadddd03b0df4
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19
1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82
1b582acaf161db1ef436343a487e95a35a5ee579d35893ad726dce7fa4b85b4c
1bbac2dbf4b744dacdb7f1ad6ee83a4a24c570590e4de2ea6526eacb91d36a8c
1ee43b9f0b9d04dbb343045c231271c35c917319b8d0ac01ec9c0b5cfc8f24e6
1f36e7aae8fe3202839545f7bf1b94ba1c61e9a07cdf9ed21271cb84f00f50a3
2097263f6f5a3e183ab35cd60a00a7d3d289b5f0437a2c20fad1e2832ca53978
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3
22185e5ec683a5901e9700dbd446b28614a8eee7f02e0537e799a9cc5740f45f
2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732
23db1b3362a8c79e128a508a904da23411a5955cd1384af2d56e1696deba8273
23eb6718857f575ed3d4fba32e695f29886e8b00fd83f412aad80a61763650b7
27af6a936f27c245f807aef4673133e343b4d791c45ada798049d38a55e3634c
293f0aa165671eb3467283e8bd8d72c982abc7f4769140c320136c790e055804
29dcb51c76ad3e3a3146479aec362dd5c91ba176acb3497d7babf2357dc65337
2bae9fc3e57c860103d1e03360ba3246e3b6c5bcaa6f3183ce8066cc69843a5d
323487f697275db6c264c80af0ffcda07ad10a6be21ab9395fd70991575bf622
32ee9bc7258da5b092e165a660bd4ed80bd4a6e6bf5ae7e8f28fbdcfdf6cf9d6
37d925559381e9d5388c4a096fe1383570546b7b11548d7d6a7e560adcc24e5d
387d3c0275e193a5f80298e97d13126bfc44df241a011890710908f32329672c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4473bb2278ce6d0ceebeea7572a0b17f854eefe23a18f5d6b5fa28f3c6260178
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
4a296a31900542f9dcf44a6c93b194b8b7f2557a6be6567431ae2e6bbc94d77d
4ca76823bb8f1852fefde396d2f4456b681f481997d8aea69d15e407f61e39bb
4cdecc62f5b2c8e9f7cf7b14b9fd42e0c4787d912c1b71426cdfbe0144cede46
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4f7c8ea8ba445d34b8481fcf55e065efa18d01467b84e6c115ba60a03e023f23
523c98c9bfaa711c56168db3bf756ec86ea682977166b153ccb779a23946a773
527836bee08bb8c8476114ab8f7f03f399432c0bd45a413caad947e8d8e85bf3
52e7c139f6131f01e3e8a801ea72ba21fab585fbd68804d251c7cd70b15c0430
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74
5fa9a8fca62aadd884d5547a4e98471bdf938962dafebdb15a99e3b5b5c647e9
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a
66c8bd5f6607ecb37f91ed304fd8f819561d2b45b6b91999753cdab897b50f00
66f68c707df554d1b5daac682b2af0a28032aa41336b7ed2003a8571310a2afe
6888c7287cc86d7199b1e28a3d89c51b81ed336c216b16f48ebc001ee9517ee2
6acaf1e28f06b9575940731ab904b18dde4d2bf52618c42fddb14d0d9b6c028c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
6ca415c9a8f192c250211ea992ee493ccfdf437b9803518f6e5ac7e318e881d3
6d9f061cba81145d9bab0964192d66cb2e13a71591482cdfaf5b718341171da1
73cadf4725483d9a9290b8ea3ad87fe2afc746de5f70e89f088a3df9996bd8dd
73f589950075910eafb3bc61bb0fb3310aae2119ee58a784aa12a3658bed2294
7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46
74b0c49288c9ac9d7502df21bf1d5bf7c2c9ebc683bb6e489c49781b6d6b55a2
759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1
773ed4062ad3efbbc4be804558ba63e65df5c66cfc36d63d485a52ce7c04589f
78f7073e5d196c226f5713ff7533a4217f6e2df174a19baf9a0b6c6371b0fbac
7b3a787dc7fd0fdae75d31f5e5dd846b8112412e009c8606a0bb9850d9fb6ff0
7dc36daee2bbec7c232f100706699ba723721cf983cd63b837b4f0fb1980a93b
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
89a8eaa0207aa0471067c8a1ae6dc174aa36899efee860ba6d83a123e916186c
8bd198770be5374fbd70821b1ea71c9a40a926f444900632e336625f6c923d1f
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535
8f9bff533ca717c10b0a174e354bc152b3d12367b9e1a151d7c641a37a348ad9
8fc785143656694f46ec30d15c0a73e1fe1a0edee8b4dee8decbd822120b34e4
922ece4590256688b382f0a5f6ec2e251ffbef50ee7432a49e75026330979dca
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b
9ab4d3f954bbf9b20c1ec4c2eeef5461ab7d867c2b8e474560487e5017f494cf
9b978821f78e7bd3a48e5ae8fd7121a291eec506579406745800ca0590f0907c
9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a
a0dc45b07153920d06e669676d8d6a7592971683f1381aefc5c95b83dd62a2bf
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a4941d4108a3026b2ed4076f9567e4a4ff693f4081d64d394bf497a39a59b1cd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6012b01ec3c9e9ee6572213682a99764cddfa25fbb874332ea635624a561c7f
ad0bb9ae5403f4dcd536b469b0400c1ab15d8492afc345d9e6bc5f053cde0dcc
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b42aa70dfb3374a1ca8fb1f19fb4babe128da97218325f7f2db8771f324bcac7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4d0bc62b8d78ed6555fb618251c2764e6d6854533da3ba76ad208acc2a2162e
b6c9565b94778b4877d033b1dcb3c12d1a7fa1b6a1a57723a0bded91361ab34b
b73b55037a23d240e4fa9bd78f2ec69f4412a8e8c8b76a741a63de9e38afa920
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b9115cb59149c9fb53ef9be2a565f459bfe487ad880b0be6c82cd02797cdc811
b9619c0bdb9e3a907c802c92acfcccd824da971963fd70d27ab3d8f85335422d
bc9093dd76c8bf5a733b0b381f2b433d351e7d73bb22433012cf19904df6c8c1
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996
bd95e27ed3863b379998bcd9b85fd1e0a1f41eaef425cfd14e09bab01244c7b7
bf594b85b1bc78cc4cf28e80ffaf7eb26fcf5f461bbf9c5c9013fa5c4305d245
bf927c4e61681bb6f40d5a1d2be968567eb720a667d6c259db51332884e06d91
c0515f174257e5e8c2b69445e28f1cca8792be06d315b7772fc16234937d5cde
c09fa9679fb13cb821998f533f0f3b51a4a1756bbc05004aef91f8f217c54712
c4e66e9b98c8afe944dd5e02641f05fd65a22e791164b9d824f20f742e16bbe2
cacf3cc6bdad466ccf18c534caf82219ab9c43b30d007c4cbc9e80383761ff46
cdd4aa3416d572ef8ca293452ccd51ce832333c50b29d31ebb8273a0ff3d83b2
ce212b08abcb48a556d7236410a7b428a5c5b55968011954497f47550e85fc86
ceb6d0c8321627007c1ca8f7de8f5fafc5a7140cceabe7d8adce562fc4885de7
d727ca15ce0dfe19332eec36b5e6c6192247d3f6468bb9aafddeac238acd0a2a
d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dceb0c8604e4f625f4700085b736d8718eefceff81855c9c550bf522c787dbae
dda6ad33ac53197002b0e3c6c09f3714a6c79b73969d15666500689d8fc50d3c
e027a712b4c838c1ca6839fb7592fe7e6a4e22b291ea190889ea1d2db4ac6cda
e120d69577762c8ca252e8d9d75a462a72b6e56fc4de3a837383aec266fb9084
e2dc35b0dbaa16b45d96eb3691927df48e091f4983ed2cc079568b789f9559da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6
e5a9991d5eb94cf08169e20f3a3a7ba3acbae49180b03f83fc77d90fd039f7e8
e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964
ec1529bf0d8ff46c9fe82d9b06670087acdd52acab1c61770316aee466f42ace
ee888a9bade44b5862cbee741a42f6b681b346277c20200717dc6d3b791f3008
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5
f1f9eda417444f06ef060dd832d8821c84f081a98cdf62acfe981f5554c894dc
f20d84a221b370cf772dde00a1285d193ae3ca2ef6fc84f19d29b7735b07b92e
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f48cd30d129c7b7d4fb6460753e1ad27d4ce791686787e5521e1ffb741fd00d7
f543bb6d5ad9236faca29fde5bdc1f31a61cf0afcb20741a439e7c8e86be84b7
fad1ffbd24fe26fc6566f68d4faeb0b3bf9310e55eea3d7a13ab4531899d12d7
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fd3797f996f8945636abd5640a215b3168a6914fd02fa327c5c963d2e5b87acd
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb