www.theregister.com Open in urlscan Pro
104.18.4.22 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.theregister.com/2024/07/09/evolve_lockbit_attack
Submission: On July 11 via api (July 11th 2024, 11:38:36 pm UTC) from US — Scanned from CA

Summary HTTP 108 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 8 domains to perform 108 HTTP transactions. The main IP is 104.18.4.22, located in and belongs to CLOUDFLARENET, US. The main domain is www.theregister.com. The Cisco Umbrella rank of the primary domain is 92559.
TLS certificate: Issued by WE1 on July 7th 2024. Valid for: 3 months.

This is the only time www.theregister.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	104.18.4.22 104.18.4.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2607:f8b0:400... 2607:f8b0:400d:c0f::9d	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c01::61	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:400d:c04::71	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:400d:c03::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c07::84	15169 (GOOGLE) (GOOGLE)
5 7	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c1d::5e	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4004:c19::84	15169 (GOOGLE) (GOOGLE)
1 14	104.18.5.22 104.18.5.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4004:c09::8b	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:c86d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c0d::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0d::69	15169 (GOOGLE) (GOOGLE)
108	16

29 104.18.4.22 (None, )

ASN13335 (CLOUDFLARENET, US)

www.theregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:400d:c0f::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c01::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:400d:c04::71 (Morganton, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:400d:c03::9c (Morganton, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c07::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

74d25e35f30685448c1566060fa924cf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:38::181 (United States) 5 redirects

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c1d::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c19::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.18.5.22 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nir.theregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.theregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c09::8b (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:c86d (United States)

ASN13335 (CLOUDFLARENET, US)

regmedia.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0d::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0d::69 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	theregister.com 1 redirects www.theregister.com — Cisco Umbrella Rank: 92559 nir.theregister.com — Cisco Umbrella Rank: 218167 go.theregister.com — Cisco Umbrella Rank: 202686	182 KB
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 74d25e35f30685448c1566060fa924cf.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 180	962 KB
20	google.com 5 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 761 analytics.google.com — Cisco Umbrella Rank: 157 www.google.com — Cisco Umbrella Rank: 5	79 KB
12	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 234 stats.g.doubleclick.net — Cisco Umbrella Rank: 133	26 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 67
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 72	157 KB
1	regmedia.co.uk regmedia.co.uk — Cisco Umbrella Rank: 123540	408 B
1	google.ca www.google.ca — Cisco Umbrella Rank: 9555	63 B
108	8

	Domain	Requested by
29	www.theregister.com	www.theregister.com
16	pagead2.googlesyndication.com	pagead2.googlesyndication.com
13	nir.theregister.com	pagead2.googlesyndication.com www.theregister.com
12	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	securepubads.g.doubleclick.net	pagead2.googlesyndication.com www.theregister.com
7	analytics.google.com	5 redirects www.googletagmanager.com
5	www.google-analytics.com	www.theregister.com
2	www.googletagmanager.com	www.theregister.com www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	regmedia.co.uk	www.theregister.com
1	go.theregister.com	1 redirects
1	www.google.ca	www.theregister.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	74d25e35f30685448c1566060fa924cf.safeframe.googlesyndication.com	pagead2.googlesyndication.com
108	15

This site contains links to these domains. Also see Links.

Domain
account.theregister.com
search.theregister.com
whitepapers.theregister.com
forums.theregister.com
www.reddit.com
twitter.com
www.facebook.com
www.linkedin.com
api.whatsapp.com
www.maine.gov
www.getevolved.com
www.federalreserve.gov
www.nextplatform.com
devclass.com
blocksandfiles.com
situationpublishing.com

Subject Issuer	Validity	Valid
theregister.com WE1	`2024-07-07` - `2024-10-05`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.ca WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
Frame ID: C2AD14E2437C6CE4674BA5697C52C765
Requests: 63 HTTP requests in this frame

Frame: https://74d25e35f30685448c1566060fa924cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5D95FB7E4E890F0C637EECDD834DCA5C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssB_lxp4lu8meEefeC3y74o14HNVgByKkIfNYBf_ROmLTGSFjeW2vqeodUUZ4DpJsjGoJuBOXYBcfXDTEKisxZ2VozzHngPoISKgwSyyWWteZb89r7JUbT5_bQ4yw1LYWXiXUunhOigxASjojCjScJfY5CzN8l8D6Y3gZtzWuhz8ruWc20OyTznsEHF6KbJbR1161jJccXRiZ7kGjqe_s0kKI3qd0vYgD2m5D9r1CvDw9NdjD3IrPCUVfVx856ryMISJZYKrnvbBjiH02ZNgM9PJFe3okJabpwOHf8A71PGz5h1KeaCvtpBsW5xftQ_1Rd2wefpyntWOfWt9rchfmv49_nk6NLck62R6T8UsyCfYkCoRtuNO8U7U5oVqyJB9Rt_vIn1&sai=AMfl-YQNXtLdegcG9fc18bwgfE7n7dFZGZYiwkUoxNygnTsUyIHtPL7b9itALm8D0Yfw_neMIZvWJ6Ki95XK4ykTvTMK0JKscl7qQkZX931KYPd-rogxHrHzbhTViDfc8g-wYgcZu5TOMo_TQZcuMcHcygpS&sig=Cg0ArKJSzEZ-anhVNBZhEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 008C47E6FE2944A45577EA7444876407
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunh55UwufQurHgFynQUKq1ztedW-B5iiylFVATi84w699qXcYba_1vXNMp2nz3l1xnxSAgi9sHtG02xYmxP01AoCvOKpeKAlzqRD4Ss1MKuqPKpSHk5-ZQIm2GqxjT1jyQ9plttN8JVNEUiBj8waazxhYyacDBOz03kfwpATW6AjKU8CcVQQMryxRqftnQn8pyh3SMvP0IpcMGK8taH99BzobcIy3-oWFSql3JkXdVWCust0EE7V6mBQkWoWASkMP-sVBUJbycNOkzZTB1IPOVSDvIhwxEj0LgCGErnnsUsLod37O99_P-E-x2hRs6Dm-Z3e7TKSkcM1ddAyzXm8--U-BCMZU-Gs_LZ-wJLM8&sai=AMfl-YToDwIT7ToOzaj4joVPcFKf63uEY9U5bGl9lt-MWpyQFntR9C2sRnt3zeEsGqybfk4EIh8lqLgsFO91FcpN3V7L6DVJ6ZTTeNDsbjplYq0A2z0v122BJd1vFRvBvXmfS3YRigUCNMCx6nZnztHaBS5e&sig=Cg0ArKJSzK0vN-cNU7XUEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: FC51A8E25881AC4E7B793C946CAC84C0
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVDzCms21mnzFKB8ZPvNR3j_qQ6p0ywIYLGLP3Hqn-vU3LrWTSG6FYS04vPfkNpKUfmtRVzgKPpbd3H9t3YlLdtQdtjFX_v1z4Mrj3NVk5092GCgn3yqkRqOE-1H6QwwnluN5UiohtjKLfQumf1RH7LfbAYn9Q-sqP--eLRFiRDCV5APvcZdJuR6g3OsVNNhqHi1qTLM7-BheVd-PFPUnaHeEjwJQU-uqG7isI0n5HFjpnlcB25Izr_8QVX5iC96lCiYh5--xzn6s7zJnutwNUG1g3deP7UgBMvG-hTj7qXX16-5h9qC5CEBiuoACEzAJJtkd9GPlTMgLmy3gAiJBKHQF7x9Y3jDaNrSTUVogyquL_DTLC7kSOJl8ksXVq-Jri-m-S&sai=AMfl-YRcJDIRo3VLVMSuDTO38EMQlNWAJWDPdINOJpNcZHWYR5RrqEQaUj4yRadu1wGbULE7j3Dde5KT1vHJVylitcuU_7DD0NeK1yW-OiXWrsDc_fYab3_U9Lhp0ipwTk04_gkt-iD_3hCBq9O0R4u7kWgE&sig=Cg0ArKJSzFwBUL0CYOn6EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: C3B0B2EE114AA0EAC8678E9A0F58147C
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstehi3IN_AAXsAfftbc6WuPfFluGRMcRPV38Uwb70n7fY6E3nOtY94zBqdHnBkPstVkToiyymVX2YS2b-zuRtyYlN9GxJVNhEh73BGfefqxHHvffDp6D0CDOH0YJTuy3BQiuUBWlRytaI7OY-wfupr7O6UA1YNjqFgH4V33VxTNULUcx-ZYeJ8K4-n1W4YNdVTIV3B4uEQJacsZMtxaVe0ODERemBO_KGEnpniU_NQj6FvVOWxJzzbVkQV98wsYS6GB_Acz3JGkDuS3c3yut1H_hQm3eKwrJb8OpZAi89JTG9M1JmV4rwa09bowJVlsRH6wo-CcrY4Dy_b3EyGze6Pkh4RBOGjtHognJg3TjYdhQkIbdecFSuPKSJPSQkf-jKubljP0&sai=AMfl-YSooCdoIEv5pKDlUW48HMX043G-DRZQkqOdIHDfRPfTLsBy-JXlubVuy0k3mWO-HdmiNg61nIo208tSUZmW5gsc6EMdRoJJEzv8WZ0jMvV2Relz8-odmzYBshBvAY6hDYad2fiPRA3YOFsZA6LqBP4i&sig=Cg0ArKJSzLy70utnoXTpEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: F21D7CB156880B861FE6A67C44B96C35
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvPGWnLIurM_tz7-PA9ShkMPIWTEJc4smEbQwq4wolIF5eHUCE5guXAnaD3oZTlVmFT5Wa_N04H_wOeG86pDAYROvZUM3oJ_PzJ2xIhwRBRdgM66DL97ODnyADL6kOikdyaEJPRoMryY-9hZ-B8-Wun8HogdSPXmr0FO31aI3vabdToFr5UqJpTCkG6olvESCSO6MZCmm5fPbpGBuGjRzW9m1iRYL0pw8akNQEY7bKm7wYaLi6DCYH1kK6ofUYLV-iwcQLPnGXlegtiOSuWrEAYxsgz4-0ZYdlhNxZjVkHiv1VXokyLnpcDtkEAkfLJ0JTuSjzxOvmuMKqVUMvaam0e4JjacAdpZop68qjre6fCssDr1UeKFCX5YsP25O1TowrEfaz&sai=AMfl-YTfkmskw4T9DxsW9s67lkPc9Qtv3Qxoy-qmMInKkHFOtIP8whmD5XtD7m7l8JxK7YO8c4YKCmlOQ0j2Rw1no4VZ_kaI8hYSGg7GHiAsA3AIcMRSsJTMvQ-4As0G5-ZnrpRtTn7xG8bbl8zok6LmD7j-&sig=Cg0ArKJSzBPIeSBUhAL0EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 31D66821204A25E201FC64AB98AA5AE5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7B1AF421F00B959DDD5FED4D53742547
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1453C381AD674EF55537F4567B56F5B6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Evolve Bank & Trust LockBit attack hit 7.6 million • The Register

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

108
Requests

94 %
HTTPS

87 %
IPv6

8
Domains

15
Subdomains

16
IPs

2
Countries

1402 kB
Transfer

3940 kB
Size

12
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://account.theregister.com/login?r=https%3A//www.theregister.com/2024/07/09/evolve_lockbit_attack
Title: Sign in / up

Search URL Search Domain Scan URL

URL: https://search.theregister.com/

Search URL Search Domain Scan URL

URL: https://whitepapers.theregister.com/
Title: Whitepapers

Search URL Search Domain Scan URL

URL: https://whitepapers.theregister.com/events/list/
Title: Webinars & Events

Search URL Search Domain Scan URL

URL: https://account.theregister.com/edit/newsletter/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://forums.theregister.com/forum/all/2024/07/09/evolve_lockbit_attack/
Title: 4

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://www.theregister.com/2024/07/09/evolve_lockbit_attack/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=Evolve%20Bank%20%26%20Trust%20confirms%20LockBit%20stole%207.6%20million%20people%27s%20data

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Evolve%20Bank%20%26%20Trust%20confirms%20LockBit%20stole%207.6%20million%20people%27s%20data&url=https://www.theregister.com/2024/07/09/evolve_lockbit_attack/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2024/07/09/evolve_lockbit_attack/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2024/07/09/evolve_lockbit_attack/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=Evolve%20Bank%20%26%20Trust%20confirms%20LockBit%20stole%207.6%20million%20people%27s%20data&summary=Making%20cyberattack%20among%20the%20largest%20ever%20recorded%20in%20finance%20industry

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://www.theregister.com/2024/07/09/evolve_lockbit_attack/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp

Search URL Search Domain Scan URL

URL: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/a2e61e38-f78d-403d-9abb-3810771bb5d2.html
Title: lists

Search URL Search Domain Scan URL

URL: https://www.getevolved.com/about/news/cybersecurity-incident/
Title: earlier disclosure

Search URL Search Domain Scan URL

URL: https://www.federalreserve.gov/newsevents/pressreleases/enforcement20240614a.htm
Title: telling off

Search URL Search Domain Scan URL

URL: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/186129d3-f965-48f0-a48d-fbdfc6b74b02.html
Title: updated

Search URL Search Domain Scan URL

URL: https://www.nextplatform.com/
Title: The Next Platform

Search URL Search Domain Scan URL

URL: https://devclass.com/
Title: DevClass

Search URL Search Domain Scan URL

URL: https://blocksandfiles.com/
Title: Blocks and Files

Search URL Search Domain Scan URL

URL: https://situationpublishing.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4790v887771649za200&_p=1720741112395&gcs=G111&gcd=13n3n3l3l6&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1813327377.1720741112&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1720741112&sct=1&seg=0&dl=https%3A%2F%2Fwww.theregister.com%2F2024%2F07%2F09%2Fevolve_lockbit_attack&dt=Evolve%20Bank%20%26%20Trust%20LockBit%20attack%20hit%207.6%20million%20%E2%80%A2%20The%20Register&en=gam_impression&_c=1&_ee=1&ep.event=gam_impression&ep.eaid=6740647431&ep.eadv=5327294344&ep.ebuy=3549727194&ep.ecid=138479930335&ep.epid=22784672596&ep.adunit=%2F6978%2Freg_security%2Fcybercrime&ep.value=1&_et=168&tfd=2861&_z=fetch HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=16799761107087946193&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F

Request Chain 87

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4790v887771649za200&_p=1720741112395&gcs=G111&gcd=13n3n3l3l6&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1813327377.1720741112&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=4&sid=1720741112&sct=1&seg=0&dl=https%3A%2F%2Fwww.theregister.com%2F2024%2F07%2F09%2Fevolve_lockbit_attack&dt=Evolve%20Bank%20%26%20Trust%20LockBit%20attack%20hit%207.6%20million%20%E2%80%A2%20The%20Register&en=gam_impression&_c=1&_ee=1&ep.event=gam_impression&ep.eaid=6596290017&ep.eadv=5447173346&ep.ebuy=3357514769&ep.ecid=138465775460&ep.epid=22784672596&ep.adunit=%2F6978%2Freg_security%2Fcybercrime&ep.value=1&_et=16&tfd=2879&_z=fetch HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=5481715939322130919&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F

Request Chain 89

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4790v887771649za200&_p=1720741112395&gcs=G111&gcd=13n3n3l3l6&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1813327377.1720741112&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=5&sid=1720741112&sct=1&seg=0&dl=https%3A%2F%2Fwww.theregister.com%2F2024%2F07%2F09%2Fevolve_lockbit_attack&dt=Evolve%20Bank%20%26%20Trust%20LockBit%20attack%20hit%207.6%20million%20%E2%80%A2%20The%20Register&en=gam_impression&_c=1&_ee=1&ep.event=gam_impression&ep.eaid=6596290017&ep.eadv=5447173346&ep.ebuy=3357514769&ep.ecid=138465775463&ep.epid=22784672596&ep.adunit=%2F6978%2Freg_security%2Fcybercrime&ep.value=1&_et=15&tfd=2896&_z=fetch HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=16482018348289724612&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F

Request Chain 90

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4790v887771649za200&_p=1720741112395&gcs=G111&gcd=13n3n3l3l6&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1813327377.1720741112&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=6&sid=1720741112&sct=1&seg=0&dl=https%3A%2F%2Fwww.theregister.com%2F2024%2F07%2F09%2Fevolve_lockbit_attack&dt=Evolve%20Bank%20%26%20Trust%20LockBit%20attack%20hit%207.6%20million%20%E2%80%A2%20The%20Register&en=gam_impression&_c=1&_ee=1&ep.event=gam_impression&ep.eaid=6596290017&ep.eadv=5447173346&ep.ebuy=3357514769&ep.ecid=138465601740&ep.epid=22784672596&ep.adunit=%2F6978%2Freg_security%2Fcybercrime&ep.value=1&_et=19&tfd=2917&_z=fetch HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=683990405844439073&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F

Request Chain 91

https://go.theregister.com/k/abt_a HTTP 302
https://regmedia.co.uk/2007/09/13/tp.gif

Request Chain 93

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4790v887771649za200&_p=1720741112395&gcs=G111&gcd=13n3n3l3l6&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1813327377.1720741112&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=7&sid=1720741112&sct=1&seg=0&dl=https%3A%2F%2Fwww.theregister.com%2F2024%2F07%2F09%2Fevolve_lockbit_attack&dt=Evolve%20Bank%20%26%20Trust%20LockBit%20attack%20hit%207.6%20million%20%E2%80%A2%20The%20Register&en=gam_impression&_c=1&_ee=1&ep.event=gam_impression&ep.eaid=6740647431&ep.eadv=5327294344&ep.ebuy=3549727194&ep.ecid=138479930332&ep.epid=22784672596&ep.adunit=%2F6978%2Freg_security%2Fcybercrime&ep.value=1&_et=14&tfd=2933&_z=fetch HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=8403673146853611977&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F

108 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request evolve_lockbit_attack Show response
www.theregister.com/2024/07/09/ 65 KB
13 KB 382ms
143ms Document
text/html 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c02414475c188cc62a793923692165850ecdccf3db027796726918e573660f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8a1ca0a63ad2ab9c-YYZ
content-encoding: gzip
content-length: 12458
content-type: text/html; charset=UTF-8
date: Thu, 11 Jul 2024 23:38:30 GMT
expires: Thu, 11 Jul 2024 23:38:30 GMT
link: <https://pagead2.googlesyndication.com/tag/js/gpt.js>; rel=preload; as=script;,</design_picker/ad73f0378d78c8edf3fad8afd0088cfefd29bf88/javascript/_.js>; rel=preload; as=script;,</css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/scaffolding.css>; rel=preload; as=style;,</css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/design.css>; rel=preload; as=style;,</design_picker/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/arimo-700.latin.woff2>; rel=preload; as=font; crossorigin;,</design_picker/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/arimo-400.latin.woff2>; rel=preload; as=font; crossorigin;
server: cloudflare
vary: Accept-Encoding
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
x-reg-bofh: pfy02us

GET
H2 200 gpt.js Show response
pagead2.googlesyndication.com/tag/js/ 99 KB
31 KB 655ms
461ms Script
text/javascript 2607:f8b0:400d:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cf876ebb99909897897a0456908db6df15f337fedaf42186b806ba9e1757c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31670
x-xss-protection: 0
server: cafe
etag: 725 / 19915 / m202407080101 / config-hash: 2043355462000640510
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Jul 2024 23:38:31 GMT

GET
H2 200 _.js Show response
www.theregister.com/design_picker/ad73f0378d78c8edf3fad8afd0088cfefd29bf88/javascript/ 219 KB
62 KB 83ms
74ms Script
application/javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/design_picker/ad73f0378d78c8edf3fad8afd0088cfefd29bf88/javascript/_.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68d1f178561bf64b06c123b92dd8221290fabfdb1a257a1127dd0ee2c7e7ff48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:30 GMT
content-encoding: gzip
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Thu, 04 Jul 2024 08:26:55 GMT
server: cloudflare
cf-cache-status: HIT
age: 659397
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=33696000
x-reg-bofh: pfy01us
cf-ray: 8a1ca0a75be7ab9c-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Jul 2025 08:27:26 GMT

GET
H2 200 scaffolding.css
www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/ 41 KB
6 KB 139ms
131ms Stylesheet
text/css 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/scaffolding.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b18c67c183da5eadf9f83380721ed6abd89f0707d57980f8a0e98a83e2b47f67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3153168
alt-svc: h3=":443"; ma=86400
content-length: 6432
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
last-modified: Wed, 05 Jun 2024 11:45:22 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=33696000
accept-ranges: bytes
x-reg-bofh: pfy02us
cf-ray: 8a1ca0a75be1ab9c-YYZ
expires: Mon, 30 Jun 2025 11:45:38 GMT

GET
H2 200 design.css
www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/ 58 KB
11 KB 190ms
183ms Stylesheet
text/css 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/design.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85dd35c4ece840b12ce39fa89be8c1a1a8d190cb6cb8614f4f7778c68284bf28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3153168
alt-svc: h3=":443"; ma=86400
content-length: 10906
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
last-modified: Wed, 05 Jun 2024 11:45:22 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=33696000
accept-ranges: bytes
x-reg-bofh: pfy03us
cf-ray: 8a1ca0a75be3ab9c-YYZ
expires: Mon, 30 Jun 2025 11:45:38 GMT

GET
H2 200 arimo-700.latin.woff2
www.theregister.com/design_picker/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/ 25 KB
25 KB 179ms
172ms Font
font/woff2 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/design_picker/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/arimo-700.latin.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b4f41c53446bee5ce03284672b4607e4a6ff941cae00ec006411b05a62fbe7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
Origin: https://www.theregister.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11593372
alt-svc: h3=":443"; ma=86400
content-length: 25628
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
last-modified: Tue, 04 Feb 2020 15:35:20 GMT
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: https://www.theregister.com
cache-control: max-age=33696000
accept-ranges: bytes
x-reg-bofh: pfy03us
cf-ray: 8a1ca0a75be8ab9c-YYZ
expires: Mon, 17 Mar 2025 02:43:15 GMT

GET
H2 200 arimo-400.latin.woff2
www.theregister.com/design_picker/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/ 26 KB
26 KB 142ms
135ms Font
font/woff2 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/design_picker/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/arimo-400.latin.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea8c1cbf9732fae6a42b6261c238014eab34943fac5a34711081a62b7cc2eba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
Origin: https://www.theregister.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4486152
alt-svc: h3=":443"; ma=86400
content-length: 26144
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
last-modified: Tue, 04 Feb 2020 15:35:20 GMT
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: https://www.theregister.com
cache-control: max-age=33696000
accept-ranges: bytes
x-reg-bofh: pfy03us
cf-ray: 8a1ca0a75be9ab9c-YYZ
expires: Sat, 12 Apr 2025 17:16:00 GMT

GET
H2 200 story_only.css
www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/ 74 KB
11 KB 190ms
185ms Stylesheet
text/css 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/story_only.css

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a69ae0fff67c1a5e2e470cd2411f25fbf3ca119243db34edbf4bd2e887ebcf8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3153168
alt-svc: h3=":443"; ma=86400
content-length: 11227
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
last-modified: Wed, 05 Jun 2024 11:45:22 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=33696000
accept-ranges: bytes
x-reg-bofh: pfy03us
cf-ray: 8a1ca0a75be5ab9c-YYZ
expires: Mon, 30 Jun 2025 11:45:38 GMT

GET
H2 200 rows.css
www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/ 42 KB
6 KB 172ms
167ms Stylesheet
text/css 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/rows.css

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31339f0267540a113f28a27de6f90239957dc4429eb3fcbdf1454413b66c13b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3153168
alt-svc: h3=":443"; ma=86400
content-length: 6583
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
last-modified: Wed, 05 Jun 2024 11:45:22 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=33696000
accept-ranges: bytes
x-reg-bofh: pfy02us
cf-ray: 8a1ca0a75be6ab9c-YYZ
expires: Mon, 30 Jun 2025 11:45:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
49 KB 208ms
83ms Script
application/javascript 2607:f8b0:400d:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd531b92552887f8f650ff541b35c099b6efb3c189e6bf1e5083c6b38a8d150e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49696
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 22:51:41 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Jul 2024 23:38:31 GMT

GET
H3 200 user_icon_white_extents.svg
www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/std/ 573 B
590 B 62ms
60ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/std/user_icon_white_extents.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

455442b80b731817ad9e5b615c3ffcedbb9e351dc57b0f0298b77cdb5d11d57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:31 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Tue, 02 May 2023 08:25:31 GMT
server: cloudflare
cf-cache-status: HIT
age: 6272130
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=33696000
x-reg-bofh: pfy03us
cf-ray: 8a1ca0a89ea636bb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sat, 12 Apr 2025 20:25:57 GMT

GET
H3 200 user_icon_filled_white_extents.svg
www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/std/ 630 B
586 B 73ms
70ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/std/user_icon_filled_white_extents.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f1cb4af215bea1d20e63989d2bc87cd3b6daf71af4e59b6ab7875154cecbceb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:31 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Tue, 02 May 2023 08:25:31 GMT
server: cloudflare
cf-cache-status: HIT
age: 5809047
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=33696000
x-reg-bofh: pfy03us
cf-ray: 8a1ca0a89ea736bb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sat, 12 Apr 2025 16:09:22 GMT

GET
H3 200 reg_logo_no_strapline.svg
www.theregister.com/design_picker/fa16d26efb42e6ba1052f1d387470f643c5aa18d/graphics/std/ 5 KB
2 KB 64ms
62ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/fa16d26efb42e6ba1052f1d387470f643c5aa18d/graphics/std/reg_logo_no_strapline.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

391022a2690f18db5daf7a3bc0c5ad36f31b094da5a8912d57c775e5add18d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:31 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Fri, 10 Jan 2020 15:10:58 GMT
server: cloudflare
cf-cache-status: HIT
age: 6272130
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=33696000
x-reg-bofh: pfy03us
cf-ray: 8a1ca0a89ea836bb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sat, 12 Apr 2025 17:15:59 GMT

GET
H3 200 magnifying_glass_white_extents.svg
www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/std/ 368 B
461 B 63ms
61ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/std/magnifying_glass_white_extents.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cbf748e68bf2fb8da497de517cbd7826d44c6b278cec89e22a9e13e193e4ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:31 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Tue, 02 May 2023 08:16:36 GMT
server: cloudflare
cf-cache-status: HIT
age: 3633697
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=33696000
x-reg-bofh: pfy01us
cf-ray: 8a1ca0a89ea936bb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sun, 01 Jun 2025 04:11:44 GMT

GET
H3 200 burger_menu_white_extents.svg
www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/icon/ 309 B
460 B 69ms
67ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/icon/burger_menu_white_extents.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dd339c31b8ec482e001dad4fb52e6f8f138ad772b74a2d387943e10df3bbc48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:31 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Tue, 02 May 2023 08:01:09 GMT
server: cloudflare
cf-cache-status: HIT
age: 9730703
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=33696000
x-reg-bofh: pfy01us
cf-ray: 8a1ca0a89eac36bb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sat, 12 Apr 2025 17:17:13 GMT

GET
H3 200 burger_menu_white_close_extents.svg
www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/icon/ 379 B
457 B 65ms
64ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/ae01b183a707a7db8cd5f2c947715ed56d335138/graphics/icon/burger_menu_white_close_extents.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77a839fdcd5d30ced4fa6ca4dce35057cdb7e31f420b1f89fec3491cdf8c3f84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:31 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Tue, 02 May 2023 08:01:09 GMT
server: cloudflare
cf-cache-status: HIT
age: 6272130
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=33696000
x-reg-bofh: pfy02us
cf-ray: 8a1ca0a89ead36bb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sat, 12 Apr 2025 19:07:23 GMT

GET
H3 200 bubble_comment_white.svg
www.theregister.com/design_picker/f5daacc84b9722c1e31ba85f836c37e4ad993fc4/graphics/icons/ 676 B
671 B 67ms
66ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/f5daacc84b9722c1e31ba85f836c37e4ad993fc4/graphics/icons/bubble_comment_white.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53161434a4d50d2b984e91b332463b641b6842578c1f37a1ed81cbdc0a7794c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:31 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Fri, 10 Jan 2020 15:10:58 GMT
server: cloudflare
cf-cache-status: HIT
age: 11589507
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=33696000
x-reg-bofh: pfy01us
cf-ray: 8a1ca0a89eae36bb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 26 Nov 2024 08:24:01 GMT

GET
H2 200 vulture_red.svg
www.theregister.com/design_picker/d518b499f8a6e2c65d4d8c49aca8299d54b03012/graphics/icon/ 1 KB
739 B 194ms
189ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/d518b499f8a6e2c65d4d8c49aca8299d54b03012/graphics/icon/vulture_red.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe083388f76e3adf62d2125ca792e750c814b06694f2362469ac82bb34a8e970

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:30 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Fri, 23 Sep 2022 09:37:24 GMT
server: cloudflare
cf-cache-status: HIT
age: 6271594
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=33696000
x-reg-bofh: pfy03us
cf-ray: 8a1ca0a75bebab9c-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sat, 12 Apr 2025 17:17:40 GMT

GET
H3 200 social_share_icon.svg
www.theregister.com/design_picker/d2e337b97204af4aa34dda04c4e5d56d954b216f/graphics/icons/ 659 B
639 B 68ms
66ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/d2e337b97204af4aa34dda04c4e5d56d954b216f/graphics/icons/social_share_icon.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6ad8750b8ff72f993d9c45d51e02f31aa20834a48f78644953949afa7a6f8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:31 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 08:01:18 GMT
server: cloudflare
cf-cache-status: HIT
age: 5054681
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=33696000
x-reg-bofh: pfy01us
cf-ray: 8a1ca0a89eb036bb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sun, 08 Jun 2025 04:52:08 GMT

GET
H2 200 vulture_white.png
www.theregister.com/design_picker/d518b499f8a6e2c65d4d8c49aca8299d54b03012/graphics/icon/ 403 B
536 B 192ms
188ms Image
image/png 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/d518b499f8a6e2c65d4d8c49aca8299d54b03012/graphics/icon/vulture_white.png

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b711585f391ac5f348dc41253cf4ffba5d49ed997c17170c1fe2498ff13ea817

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6272129
alt-svc: h3=":443"; ma=86400
content-length: 403
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
last-modified: Fri, 10 Jan 2020 15:10:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=33696000
accept-ranges: bytes
x-reg-bofh: pfy03gb
cf-ray: 8a1ca0a75bedab9c-YYZ
expires: Mon, 23 Dec 2024 06:07:02 GMT

GET
H3 200 reddit.svg
www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/ 2 KB
1 KB 66ms
65ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/reddit.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/story_only.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccc879574756f32c9592427da6cd1248dd799b84b8ffaa746adcf447b17860a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/story_only.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:31 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Fri, 23 Sep 2022 09:36:45 GMT
server: cloudflare
cf-cache-status: HIT
age: 11593436
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=33696000
x-reg-bofh: pfy02us
cf-ray: 8a1ca0a8aec736bb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 05 Dec 2024 07:16:46 GMT

GET
H3 200 twitter.svg
www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/ 2 KB
936 B 73ms
71ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/twitter.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/story_only.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b27718b0495bdcff98dc2358a0cf76271178c7e83b000f336610fc8994316ef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/story_only.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:31 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Fri, 23 Sep 2022 09:36:45 GMT
server: cloudflare
cf-cache-status: HIT
age: 11593436
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=33696000
x-reg-bofh: pfy02us
cf-ray: 8a1ca0a8aec836bb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Wed, 25 Dec 2024 06:09:23 GMT

GET
H3 200 facebook.svg
www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/ 1 KB
822 B 65ms
63ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/facebook.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/story_only.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed1744324b3aad05fe51ed96e388004a4716276884a66b9abd5cef359140d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/story_only.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:31 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Fri, 23 Sep 2022 09:36:45 GMT
server: cloudflare
cf-cache-status: HIT
age: 6271595
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=33696000
x-reg-bofh: pfy03gb
cf-ray: 8a1ca0a8aec936bb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sat, 12 Apr 2025 19:06:23 GMT

GET
H3 200 linkedin.svg
www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/ 2 KB
975 B 68ms
66ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/linkedin.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/story_only.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41ef905e7d332a03311b4bb48d3894bccf04d8856a0e0a98ae98683538966025

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/story_only.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:31 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Fri, 23 Sep 2022 09:36:45 GMT
server: cloudflare
cf-cache-status: HIT
age: 6271118
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=33696000
x-reg-bofh: pfy01us
cf-ray: 8a1ca0a8beca36bb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 24 Dec 2024 12:14:25 GMT

GET
H3 200 whatsapp.svg
www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/ 2 KB
956 B 67ms
65ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/abc39af2020bb49d21327163c08d9f54103a3f7f/graphics/social/round/whatsapp.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/story_only.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9d5ce7773dac38eff9082e13c7bc4307a7c4ba5e76cd95a2eb0faa0de662e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/story_only.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:31 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Fri, 23 Sep 2022 09:36:45 GMT
server: cloudflare
cf-cache-status: HIT
age: 11584959
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=33696000
x-reg-bofh: pfy02us
cf-ray: 8a1ca0a8becb36bb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Dec 2024 08:03:07 GMT

GET
H3 200 bubble_comment_white.svg
www.theregister.com/design_picker/c00f80f04b0eaf0123d821f6c9488fc1cb55fd0a/graphics/icons/ 676 B
671 B 66ms
65ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/c00f80f04b0eaf0123d821f6c9488fc1cb55fd0a/graphics/icons/bubble_comment_white.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/design.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53161434a4d50d2b984e91b332463b641b6842578c1f37a1ed81cbdc0a7794c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/design.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:31 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Fri, 10 Jan 2020 15:10:58 GMT
server: cloudflare
cf-cache-status: HIT
age: 6272130
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=33696000
x-reg-bofh: pfy03us
cf-ray: 8a1ca0a8bece36bb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sat, 12 Apr 2025 20:24:58 GMT

GET
H3 200 bubble_comment_black.svg
www.theregister.com/design_picker/c00f80f04b0eaf0123d821f6c9488fc1cb55fd0a/graphics/icons/ 892 B
784 B 66ms
65ms Image
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theregister.com/design_picker/c00f80f04b0eaf0123d821f6c9488fc1cb55fd0a/graphics/icons/bubble_comment_black.svg

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/design.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87d683ea3dda6066a1310b46c0e7bceec150db90ef0f33de34b15270f189479c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/css/90b4d568af29e8bcee4ddc9abf40a8797dbf7698/design.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:31 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Fri, 10 Jan 2020 15:10:58 GMT
server: cloudflare
cf-cache-status: HIT
age: 6271595
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=33696000
x-reg-bofh: pfy02us
cf-ray: 8a1ca0a8bed036bb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sat, 12 Apr 2025 16:09:23 GMT

GET
H3 200 pubads_impl.js Show response
pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/ 467 KB
146 KB 107ms
106ms Script
text/javascript 2607:f8b0:400d:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b78de46be1aa7cb9f8c429bde4d202a358c1651ae0cc6217cbfd79097793d894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 21:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149163
x-xss-protection: 0
server: cafe
etag: 9083756951993760320
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 11 Jul 2025 21:06:39 GMT

GET
H2 200 6978 Show response
fundingchoicesmessages.google.com/i/ 199 KB
66 KB 323ms
153ms Script
application/javascript 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/6978?ers=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94b716148002d6617a091b5fbb37b44f5c579cab5845f6a14b4b2fa8f875cd06

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5PuGNNCJ0cdewPeckIgxhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-5PuGNNCJ0cdewPeckIgxhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmJw1pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLm-HHz4BY2gQV7L8cpaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRiYG1jqGZjEFxgAAMx3Ofc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV9XQjpvwB4741rgi47BpvEpSf6ObAtt_OVE8j6CPdfy65sRqhssOsYjpXDnMJmJ7Hjpr7A01SofzyuNJtK-8ek2A3d-C-J_pAjzEtnXWYUMFxrM0fYaiuy9EHHkIzozdl2IsVIvw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 209ms
80ms XHR
text/html 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV9XQjpvwB4741rgi47BpvEpSf6ObAtt_OVE8j6CPdfy65sRqhssOsYjpXDnMJmJ7Hjpr7A01SofzyuNJtK-8ek2A3d-C-J_pAjzEtnXWYUMFxrM0fYaiuy9EHHkIzozdl2IsVIvw==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ekjc7QylIsw.es5.O/am=GgY/d=1/rs=AJlcJMxNRbl6_fqpf_x1L8srayRpISmg0g/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-niAAQDeC8aQ-5KhHSj9OJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Jul 2024 23:38:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-niAAQDeC8aQ-5KhHSj9OJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05BicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Hj5sEtbAIzbv99z6jkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDQ30DMzjCwwAnaMsxQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.theregister.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads.js Show response
www.theregister.com/design_picker/c00f80f04b0eaf0123d821f6c9488fc1cb55fd0a/javascript/ 27 B
283 B 63ms
62ms XHR
application/javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/design_picker/c00f80f04b0eaf0123d821f6c9488fc1cb55fd0a/javascript/ads.js

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/design_picker/ad73f0378d78c8edf3fad8afd0088cfefd29bf88/javascript/_.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83de4b8fb218ece4dc1c59006f00e44aaee17e78923c65ba66acf0ad41a7a5cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11593374
alt-svc: h3=":443"; ma=86400
content-length: 27
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
last-modified: Fri, 10 Jan 2020 15:10:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=33696000
accept-ranges: bytes
x-reg-bofh: pfy03us
cf-ray: 8a1ca0b04cc836bb-YYZ
expires: Sat, 07 Dec 2024 04:42:34 GMT

GET
H2 200 AGSKWxUOmhg9s1gbORFBzsumLx_HRd7h4REmx3RVsCg8Qml7zihxUtnFGNeMsGL1dIzeyJeDA-x8dEP-HtD4kCpl8bd7ZwO_7kLvrE0w9wnBLuv0CxUdcKR5QQGz-Xycru0RkMoUcKwRwg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 84ms
84ms Script
application/javascript 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUOmhg9s1gbORFBzsumLx_HRd7h4REmx3RVsCg8Qml7zihxUtnFGNeMsGL1dIzeyJeDA-x8dEP-HtD4kCpl8bd7ZwO_7kLvrE0w9wnBLuv0CxUdcKR5QQGz-Xycru0RkMoUcKwRwg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwNzQxMTEyLDM2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cudGhlcmVnaXN0ZXIuY29tLzIwMjQvMDcvMDkvZXZvbHZlX2xvY2tiaXRfYXR0YWNrIixudWxsLFtbOCwiRWtqYzdReWxJc3ciXSxbOSwiZW4tVVMiXSxbMjIsInRydWUiXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MTkwXSxudWxsLDVdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2413ca31dc0555227440f623a36edfdb15be31c601cc2b46867af90c8d30afb6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pQZvfkAjGn0tTn5kzyF33g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pQZvfkAjGn0tTn5kzyF33g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw0ZBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLh-HHz4BY2gQU3eo4xKmkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBtY6hmYxBcYAAADSTo2"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 236 KB
26 KB 685ms
502ms Fetch
text/plain 2607:f8b0:400d:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=410596378984232&correlator=235965268709202&eid=44809527%2C31083340%2C31085018%2C31081525%2C31084182%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407080101&ptt=17&impl=fifs&gdpr=0&iu_parts=6978%2Creg_security%2Ccybercrime&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C320x50%7C970x90%7C970x91%7C970x250%7C970x251%7C1200x270%7C1200x271%7C728x90%7C728x91%2C320x50%7C970x250%7C970x252%7C970x90%7C970x92%7C1200x270%7C1200x272%7C1200x600%7C1200x602%7C728x90%7C728x92%7C300x250%7C300x252%2C300x250%7C300x253%7C300x600%7C300x603%2C320x50%7C970x250%7C970x254%7C970x90%7C970x94%7C1200x270%7C1200x274%7C1200x600%7C1200x604%7C300x250%7C300x254%7C728x90%7C728x94%2C320x50%7C970x250%7C970x255%7C970x90%7C970x95%7C1200x270%7C1200x275%7C1200x600%7C1200x605%7C300x250%7C300x255%7C728x90%7C728x95&fluid=0%2Cheight%2Cheight%2C0%2Cheight%2Cheight&ifi=1&sfv=1-0-40&ists=32&sc=1&cookie_enabled=1&abxe=1&dt=1720741112379&lmt=1720741112&adxs=-12245933%2C15%2C15%2C1100%2C15%2C15&adys=-12245933%2C82%2C693%2C977%2C3495%2C3996&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theregister.com%2F2024%2F07%2F09%2Fevolve_lockbit_attack&vis=1&psz=1200x4370%7C1200x4370%7C662x2732%7C300x633%7C1200x701%7C1200x805&msz=1200x0%7C1570x90%7C1570x250%7C300x600%7C1570x90%7C1570x90&fws=132%2C4%2C4%2C516%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1813327377.1720741112&ga_sid=1720741112&ga_hid=983396957&ga_fc=false&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1720741110894&idt=977&prev_scp=pos%3Dtop%26raptor%3Dkite%26unitnum%3D1%7Cpos%3Dtop%26raptor%3Dcondor%26unitnum%3D2%7Cpos%3Dtop%26raptor%3Dfalcon%26unitnum%3D4%7Cpos%3Dmid%26raptor%3Deagle%26unitnum%3D5%7Cpos%3Dbtm%26raptor%3Dhawk%26unitnum%3D8%7Cpos%3Dbtm%26raptor%3Dowl%26unitnum%3D9&cust_params=test%3D0%26li%3Dnull%26uid%3Dnull%26sc%3D1%26bwidth%3D16%26bheight%3D12%26orientation%3Dlandscape%26mm_segments%3D%26reg_vfc%3Db9718942b334dca90fdbda7a495e78fa%26reg_bet%3Db9718942b334dca90fdbda7a495e78fa%26tpt%3Dwww%2520story%26pid%3D235034%26pt%3Da%26axc%3Dnull%26kw%3Dcybercrime%252Ccybersecurity%252Cransomware%26cat%3Dnews%26tag%3Dnull%26author%3DConnor%252520Jones%26year%3D2024%26nsfw%3Dnull%26np%3D30%26eac%3D6%26ct%3Ds-async&adks=2313611811%2C3082794017%2C804057781%2C272299928%2C410670909%2C2150034044&frm=20&eoidce=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f274b3440266accc0ce02c3e6b819b980044ce748e3bc7e2c41ef88d8e47b63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26301
x-xss-protection: 0
google-lineitem-id: -2,6596290017,6596290017,6596290017,6740647431,6740647431
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138465601740,138465775460,138465775463,138479930335,138479930332
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theregister.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
74d25e35f30685448c1566060fa924cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5D95 0
0 317ms
95ms Document
text/html 2607:f8b0:400d:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://74d25e35f30685448c1566060fa924cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jul 2024 23:38:32 GMT
expires: Thu, 11 Jul 2024 23:38:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 332 KB
108 KB 71ms
70ms Script
application/javascript 2607:f8b0:400d:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JXW44Y23NM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

937bb449ddf8e05599ce1a44a41a414c4fbc8c03f20d7d56a88d82ad2fa06f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 110515
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jul 2024 23:38:32 GMT

GET
H2 200 AGSKWxU2GmtsV2GzTRn24Fbb1YlM71AxfA3OOfj0gqti8ReKl_RPI9u-AllhHuLt28ztcAL5V8F9UcW0bwbsj9ePmkdF8iFQJPSIzVqtc7IQh4Q13nBdgu1A-OGExdNe_x9wpDujVvbhxg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 89ms
88ms Script
application/javascript 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU2GmtsV2GzTRn24Fbb1YlM71AxfA3OOfj0gqti8ReKl_RPI9u-AllhHuLt28ztcAL5V8F9UcW0bwbsj9ePmkdF8iFQJPSIzVqtc7IQh4Q13nBdgu1A-OGExdNe_x9wpDujVvbhxg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwNzQxMTEyLDQ1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LnRoZXJlZ2lzdGVyLmNvbS8yMDI0LzA3LzA5L2V2b2x2ZV9sb2NrYml0X2F0dGFjayIsbnVsbCxbWzgsIkVramM3UXlsSXN3Il0sWzksImVuLVVTIl0sWzIyLCJ0cnVlIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDE5MF0sbnVsbCw1XSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44916104bb5f04456fe1c25c52534e66fea63257485d851286ce0597979e78f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-08nYfyyTYoTAgOtUo3chfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-08nYfyyTYoTAgOtUo3chfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmII0JBiOHnrNtNFID7vdIfpOhBLfH3JpAbETukzWAOA2Kd-BmsUELfePMc6GYg_Pz7H-huIk_6dZy0A4iURF1kPJF5kPfj4IutJIBbi4fhx8-AWNoGOvlOfGJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDMwNLPUMTOILDAC1rT9a"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 227ms
94ms Fetch
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4790v887771649za200&_p=1720741112395&_gaz=1&gcs=G111&gcd=13n3n3l3l6&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1813327377.1720741112&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720741112&sct=1&seg=0&dl=https%3A%2F%2Fwww.theregister.com%2F2024%2F07%2F09%2Fevolve_lockbit_attack&dt=Evolve%20Bank%20%26%20Trust%20LockBit%20attack%20hit%207.6%20million%20%E2%80%A2%20The%20Register&en=page_view&_fv=1&_ss=1&_ee=1&ep.reg_uid=(reg_unknown)&ep.reg_auth=Connor%20Jones&ep.reg_sec=reg_security%2Fcybercrime&ep.reg_pt=www%20story&ep.reg_cat=news&ep.reg_alm=(reg_empty)&ep.reg_akwp=security%2C&ep.reg_uls=none&ep.reg_prev_pt=(reg_empty)&ep.reg_prev_ut=(reg_empty)&ep.reg_d11=(reg_unknown)&ep.reg_d12=(reg_unknown)&ep.reg_d14=(reg_unknown)&ep.reg_ded=(reg_unknown)&ep.reg_dorg=(reg_unknown)&ep.reg_ab_var=(reg_empty)&ep.reg_seg=(reg_empty)&ep.reg_aid=235034&ep.reg_asec=security%2Fcyber_crime&ep.reg_akw=cybercrime%2Ccybersecurity%2Cransomware%2C&ep.reg_vfc=b9718942b334dca90fdbda7a495e78fa&ep.reg_bet=b9718942b334dca90fdbda7a495e78fa&ep.reg_noz=(reg_empty)&ep.anonymize_ip=true&tfd=2081&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JXW44Y23NM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 281ms
119ms Ping
text/plain 2607:f8b0:4004:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JXW44Y23NM&cid=1813327377.1720741112&gtm=45je4790v887771649za200&aip=1&dma=0&gcs=G111&gcd=13n3n3l3l6&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JXW44Y23NM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 528ms
449ms Image
image/gif 2607:f8b0:400d:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JXW44Y23NM&cid=1813327377.1720741112&gtm=45je4790v887771649za200&aip=1&dma=0&gcs=G111&gcd=13n3n3l3l6&npa=0&frm=0&z=2077506673

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 008C 0
0 115ms
114ms Fetch
image/gif 2607:f8b0:400d:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssB_lxp4lu8meEefeC3y74o14HNVgByKkIfNYBf_ROmLTGSFjeW2vqeodUUZ4DpJsjGoJuBOXYBcfXDTEKisxZ2VozzHngPoISKgwSyyWWteZb89r7JUbT5_bQ4yw1LYWXiXUunhOigxASjojCjScJfY5CzN8l8D6Y3gZtzWuhz8ruWc20OyTznsEHF6KbJbR1161jJccXRiZ7kGjqe_s0kKI3qd0vYgD2m5D9r1CvDw9NdjD3IrPCUVfVx856ryMISJZYKrnvbBjiH02ZNgM9PJFe3okJabpwOHf8A71PGz5h1KeaCvtpBsW5xftQ_1Rd2wefpyntWOfWt9rchfmv49_nk6NLck62R6T8UsyCfYkCoRtuNO8U7U5oVqyJB9Rt_vIn1&sai=AMfl-YQNXtLdegcG9fc18bwgfE7n7dFZGZYiwkUoxNygnTsUyIHtPL7b9itALm8D0Yfw_neMIZvWJ6Ki95XK4ykTvTMK0JKscl7qQkZX931KYPd-rogxHrHzbhTViDfc8g-wYgcZu5TOMo_TQZcuMcHcygpS&sig=Cg0ArKJSzEZ-anhVNBZhEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jul 2024 23:38:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/ Frame 008C 3 KB
1 KB 241ms
117ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/window_focus_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 14:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 14:52:39 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 008C 204 KB
63 KB 66ms
66ms Script
text/javascript 2607:f8b0:400d:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:10:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64533
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jul 2024 00:10:19 GMT

GET
H3 200 / Show response
nir.theregister.com/ Frame 008C 0
348 B 354ms
151ms Script
application/x-javascript 104.18.5.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3357514769

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.5.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/x-javascript
cache-control: no-cache
x-reg-bofh: pfy03us
cf-ray: 8a1ca0b658d339c5-YYZ
content-length: 0
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 7473826316523539564
tpc.googlesyndication.com/simgad/ Frame 008C 282 KB
282 KB 309ms
187ms Image
image/png 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7473826316523539564

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe83861fc5774c3bc0022bdb4e2b88f2384eed4eaf81c5d6bd7b779524b5d7ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Thu, 10 Jul 2025 08:04:02 GMT
date: Wed, 10 Jul 2024 08:04:02 GMT
x-content-type-options: nosniff
age: 142471
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288462
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 16:23:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FC51 0
0 418ms
418ms Fetch
image/gif 2607:f8b0:400d:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunh55UwufQurHgFynQUKq1ztedW-B5iiylFVATi84w699qXcYba_1vXNMp2nz3l1xnxSAgi9sHtG02xYmxP01AoCvOKpeKAlzqRD4Ss1MKuqPKpSHk5-ZQIm2GqxjT1jyQ9plttN8JVNEUiBj8waazxhYyacDBOz03kfwpATW6AjKU8CcVQQMryxRqftnQn8pyh3SMvP0IpcMGK8taH99BzobcIy3-oWFSql3JkXdVWCust0EE7V6mBQkWoWASkMP-sVBUJbycNOkzZTB1IPOVSDvIhwxEj0LgCGErnnsUsLod37O99_P-E-x2hRs6Dm-Z3e7TKSkcM1ddAyzXm8--U-BCMZU-Gs_LZ-wJLM8&sai=AMfl-YToDwIT7ToOzaj4joVPcFKf63uEY9U5bGl9lt-MWpyQFntR9C2sRnt3zeEsGqybfk4EIh8lqLgsFO91FcpN3V7L6DVJ6ZTTeNDsbjplYq0A2z0v122BJd1vFRvBvXmfS3YRigUCNMCx6nZnztHaBS5e&sig=Cg0ArKJSzK0vN-cNU7XUEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jul 2024 23:38:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/ Frame FC51 3 KB
0 230ms
230ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/window_focus_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 14:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 14:52:39 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame FC51 204 KB
0 56ms
56ms Script
text/javascript 2607:f8b0:400d:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:10:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64533
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jul 2024 00:10:19 GMT

GET
H3 200 / Show response
nir.theregister.com/ Frame FC51 0
312 B 431ms
87ms Script
application/x-javascript 104.18.5.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3357514769

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.5.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/x-javascript
cache-control: no-cache
x-reg-bofh: pfy03us
cf-ray: 8a1ca0b7398e39c5-YYZ
content-length: 0
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 2538359955176956889
tpc.googlesyndication.com/simgad/ Frame FC51 80 KB
80 KB 230ms
119ms Image
image/png 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2538359955176956889

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bba6e970191ef66c071c255bcbbb9ec78fb67212fa1c4a13f4fa1b6b96a5604f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Mon, 07 Jul 2025 13:55:53 GMT
date: Sun, 07 Jul 2024 13:55:53 GMT
x-content-type-options: nosniff
age: 380560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81510
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 16:23:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 / Show response
nir.theregister.com/ 0
312 B 507ms
76ms Script
application/x-javascript 104.18.5.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3357514769

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/design_picker/ad73f0378d78c8edf3fad8afd0088cfefd29bf88/javascript/_.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.5.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/x-javascript
cache-control: no-cache
x-reg-bofh: pfy03us
cf-ray: 8a1ca0b7ca0939c5-YYZ
content-length: 0
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C3B0 0
0 408ms
407ms Fetch
image/gif 2607:f8b0:400d:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVDzCms21mnzFKB8ZPvNR3j_qQ6p0ywIYLGLP3Hqn-vU3LrWTSG6FYS04vPfkNpKUfmtRVzgKPpbd3H9t3YlLdtQdtjFX_v1z4Mrj3NVk5092GCgn3yqkRqOE-1H6QwwnluN5UiohtjKLfQumf1RH7LfbAYn9Q-sqP--eLRFiRDCV5APvcZdJuR6g3OsVNNhqHi1qTLM7-BheVd-PFPUnaHeEjwJQU-uqG7isI0n5HFjpnlcB25Izr_8QVX5iC96lCiYh5--xzn6s7zJnutwNUG1g3deP7UgBMvG-hTj7qXX16-5h9qC5CEBiuoACEzAJJtkd9GPlTMgLmy3gAiJBKHQF7x9Y3jDaNrSTUVogyquL_DTLC7kSOJl8ksXVq-Jri-m-S&sai=AMfl-YRcJDIRo3VLVMSuDTO38EMQlNWAJWDPdINOJpNcZHWYR5RrqEQaUj4yRadu1wGbULE7j3Dde5KT1vHJVylitcuU_7DD0NeK1yW-OiXWrsDc_fYab3_U9Lhp0ipwTk04_gkt-iD_3hCBq9O0R4u7kWgE&sig=Cg0ArKJSzFwBUL0CYOn6EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jul 2024 23:38:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/ Frame C3B0 3 KB
0 210ms
210ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/window_focus_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 14:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 14:52:39 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C3B0 204 KB
0 35ms
35ms Script
text/javascript 2607:f8b0:400d:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:10:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64533
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jul 2024 00:10:19 GMT

GET
H3 200 / Show response
nir.theregister.com/ Frame C3B0 0
312 B 564ms
77ms Script
application/x-javascript 104.18.5.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3357514769

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.5.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/x-javascript
cache-control: no-cache
x-reg-bofh: pfy03us
cf-ray: 8a1ca0b84a7039c5-YYZ
content-length: 0
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 8812788097778677974
tpc.googlesyndication.com/simgad/ Frame C3B0 117 KB
117 KB 305ms
216ms Image
image/png 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8812788097778677974

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40139a8811543174df619fdeb3e8a9ac66e355c8b324c0a1f635a8d37ebcf605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Mon, 07 Jul 2025 18:02:17 GMT
date: Sun, 07 Jul 2024 18:02:17 GMT
x-content-type-options: nosniff
age: 365776
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119735
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 16:23:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F21D 0
0 425ms
425ms Fetch
image/gif 2607:f8b0:400d:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstehi3IN_AAXsAfftbc6WuPfFluGRMcRPV38Uwb70n7fY6E3nOtY94zBqdHnBkPstVkToiyymVX2YS2b-zuRtyYlN9GxJVNhEh73BGfefqxHHvffDp6D0CDOH0YJTuy3BQiuUBWlRytaI7OY-wfupr7O6UA1YNjqFgH4V33VxTNULUcx-ZYeJ8K4-n1W4YNdVTIV3B4uEQJacsZMtxaVe0ODERemBO_KGEnpniU_NQj6FvVOWxJzzbVkQV98wsYS6GB_Acz3JGkDuS3c3yut1H_hQm3eKwrJb8OpZAi89JTG9M1JmV4rwa09bowJVlsRH6wo-CcrY4Dy_b3EyGze6Pkh4RBOGjtHognJg3TjYdhQkIbdecFSuPKSJPSQkf-jKubljP0&sai=AMfl-YSooCdoIEv5pKDlUW48HMX043G-DRZQkqOdIHDfRPfTLsBy-JXlubVuy0k3mWO-HdmiNg61nIo208tSUZmW5gsc6EMdRoJJEzv8WZ0jMvV2Relz8-odmzYBshBvAY6hDYad2fiPRA3YOFsZA6LqBP4i&sig=Cg0ArKJSzLy70utnoXTpEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jul 2024 23:38:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/ Frame F21D 3 KB
0 2ms
2ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/window_focus_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 14:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 14:52:39 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F21D 204 KB
0 27ms
27ms Script
text/javascript 2607:f8b0:400d:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:10:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64533
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jul 2024 00:10:19 GMT

GET
H3 200 / Show response
nir.theregister.com/ Frame F21D 0
311 B 319ms
175ms Script
application/x-javascript 104.18.5.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3549727194

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.5.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/x-javascript
cache-control: no-cache
x-reg-bofh: pfy01us
cf-ray: 8a1ca0b658d439c5-YYZ
content-length: 0
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 10622404319237707387
tpc.googlesyndication.com/simgad/ Frame F21D 46 KB
46 KB 140ms
76ms Image
image/png 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10622404319237707387

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7def5e768873eeff538e227c35b5159aeaf003b481c5709d7f9b3396435e4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Fri, 11 Jul 2025 09:00:31 GMT
date: Thu, 11 Jul 2024 09:00:31 GMT
x-content-type-options: nosniff
age: 52682
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46967
x-xss-protection: 0
last-modified: Mon, 17 Jun 2024 15:14:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 31D6 0
0 425ms
425ms Fetch
image/gif 2607:f8b0:400d:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvPGWnLIurM_tz7-PA9ShkMPIWTEJc4smEbQwq4wolIF5eHUCE5guXAnaD3oZTlVmFT5Wa_N04H_wOeG86pDAYROvZUM3oJ_PzJ2xIhwRBRdgM66DL97ODnyADL6kOikdyaEJPRoMryY-9hZ-B8-Wun8HogdSPXmr0FO31aI3vabdToFr5UqJpTCkG6olvESCSO6MZCmm5fPbpGBuGjRzW9m1iRYL0pw8akNQEY7bKm7wYaLi6DCYH1kK6ofUYLV-iwcQLPnGXlegtiOSuWrEAYxsgz4-0ZYdlhNxZjVkHiv1VXokyLnpcDtkEAkfLJ0JTuSjzxOvmuMKqVUMvaam0e4JjacAdpZop68qjre6fCssDr1UeKFCX5YsP25O1TowrEfaz&sai=AMfl-YTfkmskw4T9DxsW9s67lkPc9Qtv3Qxoy-qmMInKkHFOtIP8whmD5XtD7m7l8JxK7YO8c4YKCmlOQ0j2Rw1no4VZ_kaI8hYSGg7GHiAsA3AIcMRSsJTMvQ-4As0G5-ZnrpRtTn7xG8bbl8zok6LmD7j-&sig=Cg0ArKJSzBPIeSBUhAL0EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jul 2024 23:38:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/ Frame 31D6 3 KB
0 3ms
3ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240709/r20110914/client/window_focus_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 14:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 14:52:39 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 31D6 204 KB
0 20ms
20ms Script
text/javascript 2607:f8b0:400d:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:10:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64533
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Jul 2024 00:10:19 GMT

GET
H3 200 / Show response
nir.theregister.com/ Frame 31D6 0
312 B 399ms
79ms Script
application/x-javascript 104.18.5.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3549727194

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.5.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/x-javascript
cache-control: no-cache
x-reg-bofh: pfy03us
cf-ray: 8a1ca0b769ae39c5-YYZ
content-length: 0
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 4440841234512281328
tpc.googlesyndication.com/simgad/ Frame 31D6 124 KB
124 KB 210ms
147ms Image
image/png 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4440841234512281328

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40beff1d760d3ca21c7e94bbb7fcec0fff972881ed0b6ad72ad6c689e5985608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Fri, 11 Jul 2025 14:00:53 GMT
date: Thu, 11 Jul 2024 14:00:53 GMT
x-content-type-options: nosniff
age: 34660
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126912
x-xss-protection: 0
last-modified: Mon, 17 Jun 2024 15:14:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 / Show response
nir.theregister.com/ 0
311 B 373ms
130ms Script
application/x-javascript 104.18.5.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3357514769

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/design_picker/ad73f0378d78c8edf3fad8afd0088cfefd29bf88/javascript/_.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.5.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/x-javascript
cache-control: no-cache
x-reg-bofh: pfy01us
cf-ray: 8a1ca0b8cad539c5-YYZ
content-length: 0
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 / Show response
nir.theregister.com/ 0
322 B 184ms
80ms Script
application/x-javascript 104.18.5.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3549727194

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/design_picker/ad73f0378d78c8edf3fad8afd0088cfefd29bf88/javascript/_.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.5.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/x-javascript
cache-control: no-cache
x-reg-bofh: pfy03us
cf-ray: 8a1ca0b7ea1d39c5-YYZ
content-length: 0
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 008C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33f18ce066bfb1866f458733afb311c7969b100c257110d7f8dae393d0e53683

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FC51 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1a3a59ad5936980da3b2b533a6d6d7bfe15d7d1a84a2a7016176039a95f3658

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C3B0 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45b8c0b95f429d24e19e5d046b1848df865cad106ddcebc9b6071e7e4bb99de1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F21D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa335caf443e0ba51c9152b38aa3131b8624b09545bae25c4650a205b1059207

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 31D6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cc3974796fa6d81d368dbcc0b299447a1c38dcfb762558eee62b8b351e991bb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 / Show response
nir.theregister.com/ Frame F21D 0
321 B 265ms
80ms Script
application/x-javascript 104.18.5.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3549727194

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.5.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/x-javascript
cache-control: no-cache
x-reg-bofh: pfy02us
cf-ray: 8a1ca0b86a8d39c5-YYZ
content-length: 0
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 / Show response
nir.theregister.com/ Frame FC51 0
311 B 452ms
78ms Script
application/x-javascript 104.18.5.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3357514769

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.5.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/x-javascript
cache-control: no-cache
x-reg-bofh: pfy01us
cf-ray: 8a1ca0b98b7139c5-YYZ
content-length: 0
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 / Show response
nir.theregister.com/ Frame C3B0 0
312 B 528ms
75ms Script
application/x-javascript 104.18.5.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3357514769

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.5.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/x-javascript
cache-control: no-cache
x-reg-bofh: pfy03us
cf-ray: 8a1ca0ba0be239c5-YYZ
content-length: 0
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 / Show response
nir.theregister.com/ Frame 008C 0
312 B 604ms
74ms Script
application/x-javascript 104.18.5.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3357514769

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.5.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:34 GMT
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/x-javascript
cache-control: no-cache
x-reg-bofh: pfy03us
cf-ray: 8a1ca0ba8c3139c5-YYZ
content-length: 0
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 / Show response
nir.theregister.com/ Frame 31D6 0
322 B 374ms
108ms Script
application/x-javascript 104.18.5.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nir.theregister.com/?s=sa/oid.3549727194

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.5.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/x-javascript
cache-control: no-cache
x-reg-bofh: pfy03us
cf-ray: 8a1ca0b8eaf039c5-YYZ
content-length: 0
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F21D 0
0 383ms
148ms Fetch
image/gif 2607:f8b0:400d:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC51 0
0 715ms
334ms Fetch
image/gif 2607:f8b0:400d:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C3B0 0
0 900ms
187ms Fetch
image/gif 2607:f8b0:400d:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 advault. Show response
fundingchoicesmessages.google.com/f/AGSKWxUhHY5q2CTDQaya4E-imXjM46VHTUMR42fACfVfVpnM4xk7NDz7nm2nCQgn7jgsm4G71CdwBZdpSk2gNvC4ZtKjmQOB6YmbOqIGNtKPFIyeNF9uFiHdNrTzgocDGlAunhu7Ec1KxO14ExZNcwwbl189bfxdA... 54 B
109 B 166ms
166ms Script
application/javascript 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUhHY5q2CTDQaya4E-imXjM46VHTUMR42fACfVfVpnM4xk7NDz7nm2nCQgn7jgsm4G71CdwBZdpSk2gNvC4ZtKjmQOB6YmbOqIGNtKPFIyeNF9uFiHdNrTzgocDGlAunhu7Ec1KxO14ExZNcwwbl189bfxdAnXjMJ-2vWMCvTPjKxDyHCJo8ECBQz9f/__ad/section_&adgroupid=/adsystem.-468x060-/advault.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ekjc7QylIsw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzsTPzK3mzy1c8pHkseD8gxCiravA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c71ec4694ae236bf07f3468b519ddc9fb9a4a459ad407c7e51a1f11d9ab14d8d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RHypMJranJDPgfnlwyDLmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-RHypMJranJDPgfnlwyDLmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmII0pBiOHnrNtNFID7vdIfpOhBLfH3JpAbETukzWAOA2Kd-BmsUELfePMc6GYg_Pz7H-huIk_6dZy0A4iURF1kPJF5kPfj4IutJIBbi4fh58-AWNoED8y8fY1TSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMTA3sNQzMIkvMAAAvlU_gw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
52 KB 169ms
169ms Script
text/javascript 2607:f8b0:400d:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ba6a7f60cf98d8b53a97314afd066a70ea81bec3c5ac797aa7a64375772e976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53364
x-xss-protection: 0
server: cafe
etag: 7241501997801667656
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 11 Jul 2024 23:38:33 GMT

POST
H3 204 AGSKWxV9XQjpvwB4741rgi47BpvEpSf6ObAtt_OVE8j6CPdfy65sRqhssOsYjpXDnMJmJ7Hjpr7A01SofzyuNJtK-8ek2A3d-C-J_pAjzEtnXWYUMFxrM0fYaiuy9EHHkIzozdl2IsVIvw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 165ms
163ms XHR
text/html 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV9XQjpvwB4741rgi47BpvEpSf6ObAtt_OVE8j6CPdfy65sRqhssOsYjpXDnMJmJ7Hjpr7A01SofzyuNJtK-8ek2A3d-C-J_pAjzEtnXWYUMFxrM0fYaiuy9EHHkIzozdl2IsVIvw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OyRMQkR4zr2z3RbKgvIDjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-OyRMQkR4zr2z3RbKgvIDjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Hz5sEtbAIT9l_czqjkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDQ30DMzjCwwAeBgsQA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.theregister.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 008C 0
0 1228ms
332ms Fetch
image/gif 2607:f8b0:400d:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 31D6 0
0 1443ms
217ms Fetch
image/gif 2607:f8b0:400d:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F21D 0
0 658ms
438ms Fetch
image/gif 2607:f8b0:400d:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuw6M_Bj-QAzI_lrrhOVG2LvM20wvMjraQSN5IsRk4h_vlqQnzs72FIH7IVNTRok66TvyYHANrWdonxegCuzRtli3AH5B3TmztQKZDJiObvP36JesyGbp408V1udo5av6_eb8NKKaW5hUHndf8KPU0IHyYbbtUJxhdDT2rWhzUNJJhxSOka6d5XE0sGbq84m0xn6zPZRWXP4QZcx0s50ksQOykDd_cDWcqal72wO_qiPzp4ygmk6dB4MUJAzxkuv2874ivwKA_Ydionau6AYwvsjOyNg5EWkJPkIu84ibwhx3bVYT6nHdmpHNEQkFvHClibGGKP_S4QnSQLZIhVudHT70ygbH5GpIIe_R8LSw5djNPnCws5QTrjyYfVRSTZniyytxcXa78&sai=AMfl-YSLcXO49R6HiHFk0FOzbWOMMD3qAqnsBZU97CBfNRs-5zmdMhJaJQayEaD8Ajs42NdXuFQH0ayVXeTNntBBATDuEwXjyf1dHuO5cYAz_nTRKzxj6OrE0MoIRFBIVGyGkMeLfkt8fP339WyEygpDb_3L&sig=Cg0ArKJSzDygv_NqzImCEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jul 2024 23:38:33 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 103ms
102ms Fetch
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4790v887771649za200&_p=1720741112395&gcs=G111&gcd=13n3n3l3l6&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1813327377.1720741112&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&sid=1720741112&sct=1&seg=0&dl=https%3A%2F%2Fwww.theregister.com%2F2024%2F07%2F09%2Fevolve_lockbit_attack&dt=Evolve%20Bank%20%26%20Trust%20LockBit%20attack%20hit%207.6%20million%20%E2%80%A2%20The%20Register&_s=2&tfd=2861&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JXW44Y23NM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theregister.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4790v887771649za200&_p=1720741112395&gcs=G111&gcd=13n3n3l3l6&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1813327377.1720741112&ul=en-ca&...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=16799761107087946193&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G...

0
0

257ms
107ms

Fetch
text/plain

2607:f8b0:4004:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=16799761107087946193&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
Requested by: Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
Protocol: H2
Server: 2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x14d43e5b2231b298","source_keys":["1"]},{"key_piece":"0x7cffb4e83c10701c","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"16799761107087946193","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["993989524"],"5":["07-11","07-10","07-09"]}}
date: Thu, 11 Jul 2024 23:38:33 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=16799761107087946193&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 481
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4790v887771649za200&_p=1720741112395&gcs=G111&gcd=13n3n3l3l6&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1813327377.1720741112&ul=en-ca&...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=5481715939322130919&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-...

0
0

254ms
131ms

Fetch
text/plain

2607:f8b0:4004:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=5481715939322130919&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
Requested by: Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
Protocol: H2
Server: 2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x14d43e5b2231b298","source_keys":["1"]},{"key_piece":"0x7cffb4e83c10701c","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"5481715939322130919","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["993989524"],"5":["07-11","07-10","07-09"]}}
date: Thu, 11 Jul 2024 23:38:33 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=5481715939322130919&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 480
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FC51 0
0 634ms
442ms Fetch
image/gif 2607:f8b0:400d:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAgIZUehOaOTUqk6tmj2RCyMItdNin90OSSWF_i326FhQSOU3sAyoJhcrkp3A1ovppx7gbDVGHEU0fPCBTLvDwx0293YM4sVn5dudl6rIT7q1VCOojFJU6K7UaCawWd1wAHnYno-5hfcY5kKppdD-OpVk248-uTX5eCN9tRZoJnUbfH-K1djz_VWpLdiPfwxm8nd_jmdGCkxpYfipTYYaly0ijdTwTwONMz-aLEey2ldN-RVmBmTnQ__d_Fcbpxz4WaJ60F--yFVusvEuLY4BM0HrGd2a29mFq6M-J6r29_mqOEY5wZ3XilPnW6P2_LnPDPyjV6tEvTHKLbeOJqQNHlO7LJFQH6YA8AmEiZAdVvw&sai=AMfl-YTuNYJXgpiqBu4NJ_s_L5twFTANOTyzLmDnGsOSWdesKJPcYuD7Nf1f2XlWVcKiVA_o4O-byPIMntejf4zq5LheH94FHCFJwi4sq5Pwbp4aytNBvA9tg51P1OyJRC9ZjT-dCMQghPHG2DadMAjGMOxc&sig=Cg0ArKJSzEhH045NGywrEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jul 2024 23:38:33 GMT

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4790v887771649za200&_p=1720741112395&gcs=G111&gcd=13n3n3l3l6&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1813327377.1720741112&ul=en-ca&...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=16482018348289724612&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G...

0
0

229ms
134ms

Fetch
text/plain

2607:f8b0:4004:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=16482018348289724612&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
Requested by: Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
Protocol: H2
Server: 2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x14d43e5b2231b298","source_keys":["1"]},{"key_piece":"0x7cffb4e83c10701c","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"16482018348289724612","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["993989524"],"5":["07-11","07-10","07-09"]}}
date: Thu, 11 Jul 2024 23:38:33 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=16482018348289724612&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 481
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4790v887771649za200&_p=1720741112395&gcs=G111&gcd=13n3n3l3l6&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1813327377.1720741112&ul=en-ca&...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=683990405844439073&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-J...

0
0

228ms
135ms

Fetch
text/plain

2607:f8b0:4004:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=683990405844439073&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
Requested by: Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
Protocol: H2
Server: 2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x14d43e5b2231b298","source_keys":["1"]},{"key_piece":"0x7cffb4e83c10701c","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"683990405844439073","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["993989524"],"5":["07-11","07-10","07-09"]}}
date: Thu, 11 Jul 2024 23:38:33 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=683990405844439073&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 479
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

tp.gif
regmedia.co.uk/2007/09/13/
Redirect Chain

https://go.theregister.com/k/abt_a
https://regmedia.co.uk/2007/09/13/tp.gif

43 B
408 B

211ms
44ms

Image
image/gif

2606:4700::6810:c86d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://regmedia.co.uk/2007/09/13/tp.gif

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack

Protocol

Server

2606:4700::6810:c86d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69d77d9587f7e1475c01b26cc763774872a176a889d02ee7efb7fbb50ebdf327

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6240819
cf-polished: origSize=49, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 43
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
cf-bgj: imgq:85,h2pri
last-modified: Thu, 13 Sep 2007 11:17:03 GMT
server: cloudflare
etag: "31-43a027a4c29c0"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=33696000
accept-ranges: bytes
x-reg-bofh: pfy03us
cf-ray: 8a1ca0b8d8e639d7-YYZ
expires: Tue, 05 Aug 2025 23:38:33 GMT

Redirect headers

date: Thu, 11 Jul 2024 23:38:33 GMT
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html; charset=iso-8859-1
location: https://regmedia.co.uk/2007/09/13/tp.gif
x-reg-bofh: pfy03us
cf-ray: 8a1ca0b7499039c5-YYZ
content-length: 292
alt-svc: h3=":443"; ma=86400

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 31D6 0
0 593ms
441ms Fetch
image/gif 2607:f8b0:400d:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtQeddunoS0gPLQPQPLOL67tyPSIyRpxwqj9g1ifH9KJQrSk2r_Bo8eejV6vJ605VAfs9pkzRyoxB44rNcCUBh4vVybwLL8Kdygd2cy2Kvznp8KF7mVv8aS_Jku9PC7PxGHLG-_pDuCcdNgm-pwnBy8jH1y6ziEN7c0XwtlFU46cR1HvTLHsw3AdSdsJV6jzLzDZja-E3JIrQ07bNCq7lfVnOS3C6qJnordLpOuK6bAhvCYIlUTsbMaArPpNtwF3I2j14SDwZvu67haSB2nQ3_jMWmiblNF-mGNUQUOqFCLSemU8zjSzz0U3pgzz4s1r1Y1gpHRHmwtnm2G35OlJHQxaRdu47uJMSbZbNa2Nv02_weIt83YO6U3Hx_UZ4x2fvE7eND4L4&sai=AMfl-YTH4yi15XeHubiu8DYFagoC0NcH1BoO_cZva3aPYqVoRqixTv8AwIZm4M2kq7AZeZUL1C9DMUiCMT22-dRVvEHLdAk1jqQnCNi0garZ-8xR1FqRLHELZWxi2p0tyBlu2xao16yRdvY3qHNwAj3B6cWT&sig=Cg0ArKJSzAiOcUJai-dtEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jul 2024 23:38:33 GMT

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-JXW44Y23NM&gtm=45je4790v887771649za200&_p=1720741112395&gcs=G111&gcd=13n3n3l3l6&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1813327377.1720741112&ul=en-ca&...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=8403673146853611977&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-...

0
0

186ms
123ms

Fetch
text/plain

2607:f8b0:4004:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=8403673146853611977&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
Requested by: Host: www.theregister.com
URL: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
Protocol: H2
Server: 2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x14d43e5b2231b298","source_keys":["1"]},{"key_piece":"0x7cffb4e83c10701c","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"8403673146853611977","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["993989524"],"5":["07-11","07-10","07-09"]}}
date: Thu, 11 Jul 2024 23:38:33 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:33 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1813327377.1720741112&dbk=8403673146853611977&dma=0&en=gam_impression&gcs=G111&gtm=45je4790v887771649za200&npa=0&tid=G-JXW44Y23NM&dl=https%3A%2F%2Fwww.theregister.com%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 480
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C3B0 0
0 528ms
440ms Fetch
image/gif 2607:f8b0:400d:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzVMbhSs9h9hc1Q76nLvlNN1bRmmptJSnndmJy89jIkV8rXZ3DhImosSWcYbdeRMbXq-0Hx9-I1jVOFV91LbM3ZbZaFGe2lg_rsWp9e9GhT_9ZnMVafCd1FEYEcCmxLshgwRXI8ANIg_W7dove62bBdgoo32Pc13AhYy_sjWQ3V8hxOo6HRiC7tQd0GdTyGAoEU935pFkGC67PtHUsLL7OpmFMtHQWeiLiPasfT9OjCMWe7icVWs9khbVNi5lKs83DAHCP1SNxYvlN0HlNIE1Gi9Vbm20taoPPbv1E160drEaxO8tHsJsve6NkUzdM92hO421mDOMo7gtynlE0lmCBLYVUUKuD1w55Q40R9eVGZaQV_vqZYCOQApl875mPjsG3jCUDPxM&sai=AMfl-YTjIgyiyEoDnapT36a4BAovpx8TbmOGQWj8nDsrr2Ed2OBH36Cg4RedxMNy514vo0NqNGe9l4i86SM6UO_0EobTPVKn_qtc8o3EdKwEexOqaX_5FmNGKWaW5lRKhF-e9uxKSC8BOCeX36RvXLdCd34T&sig=Cg0ArKJSzBVc6TNuOb2DEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jul 2024 23:38:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 008C 0
0 506ms
443ms Fetch
image/gif 2607:f8b0:400d:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDJigaBz1XfqI0oln-PLqelSQpN0ui2bCTmB3J3k_N4JQPpDJpIQA3V-aJeeZhiCowU7wjvcM8buMFASgPmMJ3fwwgUn_GpT72cw1sf_IH4Plg2H7sW1d2nau6AZoqWgFlpqZcqGEg-poH-1GtrzfI_aFg3VapHpjO5JWsUrHqtlnFPaxVsQMc_wthjZ6dgF_xkqkbrfV6983l0TbACzh6RX9vRu5lxCcT8azFd72A6tb9U01bytX7sZI-0eUkjznIFz910Li2_UNCgzgxEEI7BnpQvcPkPelfEc7_wK5Sh6RBTgIXsyYLJehEczlqE2wVjDvEv2ATCTy7HHaWOXcxi-XQjX5xJH-J-8tjw66kPv3w2vDIUj8ZR3MdiKu5ig0ag80088c&sai=AMfl-YRRLc2QjzdpZt8lBXkYfsZ5H9Oy9KOVnQ0yRVh4_5SBYiPdbz6-w656K2ZOX1FUT10Yu1boR4f2exdbwaJAMBIAySXyoqnXT_2DmmPvXOcS-jhPHzqXptSeBYE1WdTDVwM5ZakCMhmpKdtIKLz20T62&sig=Cg0ArKJSzFyTpW9XPH0VEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c03::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jul 2024 23:38:33 GMT

POST
H3 204 AGSKWxV9XQjpvwB4741rgi47BpvEpSf6ObAtt_OVE8j6CPdfy65sRqhssOsYjpXDnMJmJ7Hjpr7A01SofzyuNJtK-8ek2A3d-C-J_pAjzEtnXWYUMFxrM0fYaiuy9EHHkIzozdl2IsVIvw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 65ms
65ms XHR
text/html 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV9XQjpvwB4741rgi47BpvEpSf6ObAtt_OVE8j6CPdfy65sRqhssOsYjpXDnMJmJ7Hjpr7A01SofzyuNJtK-8ek2A3d-C-J_pAjzEtnXWYUMFxrM0fYaiuy9EHHkIzozdl2IsVIvw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-x3ttuEEg2m7rNRFfBA2ydg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-x3ttuEEg2m7rNRFfBA2ydg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsIUD8-fE51t9AvCTiIuuRxIusQjwcP28e3MIm8OPhyS4mJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYG5ooGdgHl9gAACPGyyQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.theregister.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV9XQjpvwB4741rgi47BpvEpSf6ObAtt_OVE8j6CPdfy65sRqhssOsYjpXDnMJmJ7Hjpr7A01SofzyuNJtK-8ek2A3d-C-J_pAjzEtnXWYUMFxrM0fYaiuy9EHHkIzozdl2IsVIvw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 78ms
75ms XHR
text/html 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV9XQjpvwB4741rgi47BpvEpSf6ObAtt_OVE8j6CPdfy65sRqhssOsYjpXDnMJmJ7Hjpr7A01SofzyuNJtK-8ek2A3d-C-J_pAjzEtnXWYUMFxrM0fYaiuy9EHHkIzozdl2IsVIvw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OKBeHxxRFok5uwADDIC72A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-OKBeHxxRFok5uwADDIC72A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Hz5sEtbAIX1j2ezaTkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDQ30DMzjCwwAgGcsXw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.theregister.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV9XQjpvwB4741rgi47BpvEpSf6ObAtt_OVE8j6CPdfy65sRqhssOsYjpXDnMJmJ7Hjpr7A01SofzyuNJtK-8ek2A3d-C-J_pAjzEtnXWYUMFxrM0fYaiuy9EHHkIzozdl2IsVIvw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 106ms
103ms XHR
text/html 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV9XQjpvwB4741rgi47BpvEpSf6ObAtt_OVE8j6CPdfy65sRqhssOsYjpXDnMJmJ7Hjpr7A01SofzyuNJtK-8ek2A3d-C-J_pAjzEtnXWYUMFxrM0fYaiuy9EHHkIzozdl2IsVIvw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2u0x0K9IwtIscAPUdu0BbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2u0x0K9IwtIscAPUdu0BbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Hz5sEtbAIdL9pXMCm5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjEwNzQwM9A_P4AgMAak8sDQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.theregister.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW1J8pCFgngR9BBTL2soXbW-NHdTk_Ha1WQ3z9pSvwrNzuyPx_UmQ_VQ3cQnXr6LcxDA08kVq-zWauUSreY_dvpJJODhzqmTEpsEFtBA3yzVCzGNn24D56B7B5ze7l0s6YsZGpi2Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 84ms
83ms Script
application/javascript 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW1J8pCFgngR9BBTL2soXbW-NHdTk_Ha1WQ3z9pSvwrNzuyPx_UmQ_VQ3cQnXr6LcxDA08kVq-zWauUSreY_dvpJJODhzqmTEpsEFtBA3yzVCzGNn24D56B7B5ze7l0s6YsZGpi2Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwNzQxMTEzLDU1MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cudGhlcmVnaXN0ZXIuY29tLzIwMjQvMDcvMDkvZXZvbHZlX2xvY2tiaXRfYXR0YWNrIixudWxsLFtbOCwiRWtqYzdReWxJc3ciXSxbOSwiZW4tVVMiXSxbMjIsInRydWUiXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MTkwXSxudWxsLDVdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9701947fb902dff07757bda56dfe6d79ce2fcf11e94c2a64837bbbb05a25de7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fgtn4qQvpKtYL70_XAAXIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-fgtn4qQvpKtYL70_XAAXIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmII1pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLh-Hnz4BY2gRfvDs1jUtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDew1DMwiS8wAAAfLzqz"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXfwrCWNckw1zIpAwwW5G-i20_s9zHR1iFyVig5YvNbR7ZW5v8GM_JuJbVqqIfFqgi58z3KnobNUhgg47bk9-6gDHZAejPZLcqQ3NRj83mmNF-I_rBdcBGDVeFAGTEtzIJRQsPblA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 81ms
80ms XHR
text/html 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXfwrCWNckw1zIpAwwW5G-i20_s9zHR1iFyVig5YvNbR7ZW5v8GM_JuJbVqqIfFqgi58z3KnobNUhgg47bk9-6gDHZAejPZLcqQ3NRj83mmNF-I_rBdcBGDVeFAGTEtzIJRQsPblA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tWRQSBDq2vJNkyuWAezDZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tWRQSBDq2vJNkyuWAezDZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII0pBiWMS_i8kpfQZrCBB_fnyO9TcQL4m4yHok8SKrEA_Hz5sHt7AJLHjee5BJySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYmBsa6BmYxxcYAAAguS26"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.theregister.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV9XQjpvwB4741rgi47BpvEpSf6ObAtt_OVE8j6CPdfy65sRqhssOsYjpXDnMJmJ7Hjpr7A01SofzyuNJtK-8ek2A3d-C-J_pAjzEtnXWYUMFxrM0fYaiuy9EHHkIzozdl2IsVIvw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 95ms
94ms XHR
text/html 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV9XQjpvwB4741rgi47BpvEpSf6ObAtt_OVE8j6CPdfy65sRqhssOsYjpXDnMJmJ7Hjpr7A01SofzyuNJtK-8ek2A3d-C-J_pAjzEtnXWYUMFxrM0fYaiuy9EHHkIzozdl2IsVIvw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Btxv_HcGDSHh8Q5t6iEBZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Jul 2024 23:38:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Btxv_HcGDSHh8Q5t6iEBZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Hz5sEtbAINO_ovMCm5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjEwNzQwM9A_P4AgMAaH8sBw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.theregister.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 117ms
117ms XHR
application/json 2607:f8b0:400d:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407080101&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fc59d51677a87cbffaa4d73551269699ba37e4050e19aaf918f3679e884f92a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12533
x-xss-protection: 0

GET
H3 200 favicon.svg
www.theregister.com/design_picker/13249a2e80709c7ff2e57dd3d49801cd534f2094/graphics/favicons/ 3 KB
2 KB 60ms
60ms Other
image/svg+xml 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/design_picker/13249a2e80709c7ff2e57dd3d49801cd534f2094/graphics/favicons/favicon.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e08434b894e29942adb095bf2d6f493ffd8e2aee21e8ad147f59e9bc2d400b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:34 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Mon, 27 Feb 2023 10:14:08 GMT
server: cloudflare
cf-cache-status: HIT
age: 6272279
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=33696000
x-reg-bofh: pfy01us
cf-ray: 8a1ca0bb0cf836bb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 17 Apr 2025 07:30:49 GMT

GET
H3 200 favicon.ico
www.theregister.com/design_picker/13249a2e80709c7ff2e57dd3d49801cd534f2094/graphics/favicons/ 15 KB
2 KB 62ms
61ms Other
image/x-icon 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/design_picker/13249a2e80709c7ff2e57dd3d49801cd534f2094/graphics/favicons/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0eadb5eb6ca47c35791250e31d41b66d9e7098ee6e74a3af1d4b75f5d11164e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:34 GMT
content-encoding: br
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
x-content-type-options: nosniff
last-modified: Fri, 10 Jan 2020 15:10:58 GMT
server: cloudflare
cf-cache-status: HIT
age: 6272279
vary: Accept-Encoding
content-type: image/x-icon
cache-control: max-age=33696000
x-reg-bofh: pfy03us
cf-ray: 8a1ca0bb7d3d36bb-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sat, 12 Apr 2025 16:09:39 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/gpt/m202407080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Jul 2024 23:38:34 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7B1A 0
0 220ms
84ms Document
text/html 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 302433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jul 2024 11:38:01 GMT
expires: Tue, 08 Jul 2025 11:38:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 1453 0
0 214ms
61ms Document
text/html 2607:f8b0:400d:c0d::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::69 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-V6yXLJGz05fqXHbg1fHgpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theregister.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-V6yXLJGz05fqXHbg1fHgpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jul 2024 23:38:34 GMT
expires: Thu, 11 Jul 2024 23:38:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FC51 42 B
65 B 122ms
122ms Fetch
image/gif 2607:f8b0:400d:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvE2ZeMeczYp7xqDVvJcYAn9s4htKbCLhQLnvgqg1wbhjCaoGAZmY7G0UZUQ9xG4R2OEGkz7nUrqX761WjADyGVNT6Y7T2QlcrAibT8RrV0201NCFhcE7ZH7ADgL1CkELawvXx9UyEyRavJ2_2y5MYzaNPByvWU9dg&sig=Cg0ArKJSzM08rCnwpGd-EAE&id=lidar2&mcvt=1000&p=873,650,1123,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240710&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=804057781&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1667391300&rst=1720741113113&rpt=270&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 008C 42 B
65 B 366ms
366ms Fetch
image/gif 2607:f8b0:400d:c0f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPcdG3BVUP3xch7rspBwQt09wdwxU3vhhDlEBN3BowYDi42ebL5kNe09wJAhQ9m-Da67si2UM7X4YFbIqunuIFpzHjBdYRbHkqhCOa7UnVAhJSrmfSrn7oAAh9IUEYDODyPQsx2PsuLJEdGcARY4QG7w9NjJb46ww&sig=Cg0ArKJSzPyiAHwhfv-6EAE&id=lidar2&mcvt=1001&p=82,200,352,1400&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240710&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3082794017&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1667391300&rst=1720741113096&rpt=415&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0f::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theregister.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 23:38:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 ads.js Show response
www.theregister.com/design_picker/c00f80f04b0eaf0123d821f6c9488fc1cb55fd0a/javascript/ 27 B
0 0ms
0ms XHR
application/javascript 104.18.4.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theregister.com/design_picker/c00f80f04b0eaf0123d821f6c9488fc1cb55fd0a/javascript/ads.js

Requested by

Host: www.theregister.com
URL: https://www.theregister.com/design_picker/ad73f0378d78c8edf3fad8afd0088cfefd29bf88/javascript/_.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83de4b8fb218ece4dc1c59006f00e44aaee17e78923c65ba66acf0ad41a7a5cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.theregister.com/2024/07/09/evolve_lockbit_attack
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 23:38:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11593374
alt-svc: h3=":443"; ma=86400
content-length: 27
x-clacks-overhead: GNU Terry Pratchett, Lester Haines
last-modified: Fri, 10 Jan 2020 15:10:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=33696000
accept-ranges: bytes
x-reg-bofh: pfy03us
cf-ray: 8a1ca0b04cc836bb-YYZ
expires: Sat, 07 Dec 2024 04:42:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407080101&jk=410596378984232&bg=!CQqlCkXNAAZjPzuvQz87ADQBe5WfOOpiIian493An9Etjj3f-ms4ElRvxWMvS1XOcuDseG5btQ4M3gdKDuOV7S2ejnw8AgAAAEVSAAAAA2gBB34ANgsQqe8jhHbMY_-VgRgtct35qT0ft-u3BlMExN2b6HrGD3Zcp_gHxgBWMV5_gkv3XMsgkoscYwoAgz9vL3jfb8ASfWUo97ixHw-47bdIZ7R5kMcU-OMlt7Le4uhdfRg4QDiLdqQAXN9kK37QsG5v294rguvrz_fBvJENuUvpBOUMohG_4p5fPTdq70EIUqk7uONN4XKiuP5pNaWXUvLRjlBidM_QONzYGq2M0C9aZilyI5HdeG6pvN8QQrGAmQK9pIVd7IIizl0piAQH17NiaUjNDe2RXREXIcBeYXy1vIFdkmKFQekAwBrvFD3WuOSEVhSghTLkrQjKMzdrU3Cjhyto0lYBjAyDNwLcoUNPrxVhmjxZizrJwp9q_BhEmOfoKfonRG6GLKtsZPRxf0EGprCdgYOF-wNtpsLP4Fr48lZ92KoCRClQQp4GnSpLCu6FagwrkK-L1MTuB7ZzcdITI0hgt0FurCSo8Fzq5RzJi7BSZHs8vv1eHyOUDsj_eGIjNZ2Q6k1oTE4nFcu6AOY9QLsr5OITajHK8lMUXUtHv2XMMhxaIBsWSwLQkQg-68d1zHfQGSfg5EWEFmlZu7QzZ-SBCthb33wTbiGsXrVRk0Fsj6BSgaO9ydYiW0FRdmMIJUUNIqW_wzxY6nm81rIP4OYB6d0KsTzRQ59ogRKRkPHrk4_w6bN2BD7gLvXvijUnb0BWNMFD-HpEKuodoYzIkLPogbL0AbTawA6EjsX60SotgEvuLfkPoPnGAJYCbaiafgnuWieizcorPdHr669stCVF8ivOIwOPYEVZdJoI3-T-nHoXqOw8nPBtx0jA4rj7uL29ezyZWZYfGKvgh1FeYIeogHKeM5xZboD3d1h0kjorRqow7EWra2qkKQQEaPE90ZcsDu5VfOsrY4aUn0PsuEgoYvqcqzJNAL-zOOF6494mq05qAm_uDDam_4nYIIaJSEgcQmNJmUW9rm_4WjXtEIQ9dmp4sLroXAUrmiVqAfiM3wNj3zp2Yed2svaDqcYqtDMc6DGsU9NR1wV57ZMeCKSx1uxAmtAcQPddnEU0DkRfYq3z6OIX415ykknee63bMZarUyobk6boeB6mxUimLv3OEj3Dl9TVkR1z-aHcPctIxQPdYO-JGmBfaLHOiCOxqkfeI4o7YBde-1Rymz_x7T0-euKuvmUFDwuvQaE

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.theregister.com/	1970-01-21 06:44:37	Name: bucket Value: 568
.theregister.com/	1969-12-31 23:59:59	Name: sc Value: 1
.theregister.com/	1970-01-21 07:35:01	Name: _ga Value: GA1.1.1813327377.1720741112
.theregister.com/	1970-01-21 07:20:37	Name: __gads Value: ID=c7ea4683c1fb6627:T=1720741112:RT=1720741112:S=ALNI_MaY6bc4MqMQqMTg18wCqxtJKMcvlQ
.theregister.com/	1970-01-21 07:20:37	Name: __gpi Value: UID=00000e71989ec5e7:T=1720741112:RT=1720741112:S=ALNI_MYJktZ662_mzIxaq7J-r8GUk28m3w
.theregister.com/	1970-01-21 02:18:13	Name: __eoi Value: ID=eb8fe4682841c836:T=1720741112:RT=1720741112:S=AA-AfjaMKEcDSjA5hdp3RZ0KQLvv
.theregister.com/	1970-01-21 07:35:01	Name: _ga_JXW44Y23NM Value: GS1.1.1720741112.1.0.1720741113.59.0.0
.doubleclick.net/	1970-01-21 07:35:01	Name: IDE Value: AHWqTUkKXcdivt9OMtYs7h1cxaTg1lhN5Xb9eTkRAtl1A-Vj4shOwgU-dNN_CVCBjuQ
.theregister.com/	1970-01-21 06:44:37	Name: FCNEC Value: %5B%5B%22AKsRol9Zo_V7N2TjYgxbL59ndIfhJey-cqfMUq54OvWdG8BbyFrikSJ2SGN4EIt2fOEoRBvoPvx18OiuiSWW06-cbAUNobdg4rWifwG6bXbqWlF5JahNQM1ZpJnAtcYBbEW-1Y-b0b0ayuzJEN4uIKXPu9LWH8lDFg%3D%3D%22%5D%5D
.theregister.com/	1970-01-21 02:21:05	Name: cmp Value: g0.c0.l0
.www.google-analytics.com/	1970-01-21 00:08:37	Name: ar_debug Value: 1
.nir.theregister.com/	1970-01-21 06:44:37	Name: sa Value: 1/oid.3357514769

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

74d25e35f30685448c1566060fa924cf.safeframe.googlesyndication.com
analytics.google.com
fundingchoicesmessages.google.com
go.theregister.com
nir.theregister.com
pagead2.googlesyndication.com
regmedia.co.uk
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.theregister.com
pagead2.googlesyndication.com
104.18.4.22
104.18.5.22
2001:4860:4802:38::181
2606:4700::6810:c86d
2607:f8b0:4004:c07::9a
2607:f8b0:4004:c09::8b
2607:f8b0:4004:c19::84
2607:f8b0:400d:c01::61
2607:f8b0:400d:c03::9c
2607:f8b0:400d:c04::71
2607:f8b0:400d:c07::84
2607:f8b0:400d:c0d::69
2607:f8b0:400d:c0d::84
2607:f8b0:400d:c0f::9d
2607:f8b0:400d:c1d::5e
0cf876ebb99909897897a0456908db6df15f337fedaf42186b806ba9e1757c37
2413ca31dc0555227440f623a36edfdb15be31c601cc2b46867af90c8d30afb6
2e08434b894e29942adb095bf2d6f493ffd8e2aee21e8ad147f59e9bc2d400b0
31339f0267540a113f28a27de6f90239957dc4429eb3fcbdf1454413b66c13b2
33f18ce066bfb1866f458733afb311c7969b100c257110d7f8dae393d0e53683
391022a2690f18db5daf7a3bc0c5ad36f31b094da5a8912d57c775e5add18d57
3ba6a7f60cf98d8b53a97314afd066a70ea81bec3c5ac797aa7a64375772e976
40139a8811543174df619fdeb3e8a9ac66e355c8b324c0a1f635a8d37ebcf605
40beff1d760d3ca21c7e94bbb7fcec0fff972881ed0b6ad72ad6c689e5985608
41ef905e7d332a03311b4bb48d3894bccf04d8856a0e0a98ae98683538966025
455442b80b731817ad9e5b615c3ffcedbb9e351dc57b0f0298b77cdb5d11d57d
45b8c0b95f429d24e19e5d046b1848df865cad106ddcebc9b6071e7e4bb99de1
4cc3974796fa6d81d368dbcc0b299447a1c38dcfb762558eee62b8b351e991bb
53161434a4d50d2b984e91b332463b641b6842578c1f37a1ed81cbdc0a7794c6
5dd339c31b8ec482e001dad4fb52e6f8f138ad772b74a2d387943e10df3bbc48
5fc59d51677a87cbffaa4d73551269699ba37e4050e19aaf918f3679e884f92a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
68d1f178561bf64b06c123b92dd8221290fabfdb1a257a1127dd0ee2c7e7ff48
69d77d9587f7e1475c01b26cc763774872a176a889d02ee7efb7fbb50ebdf327
6b4f41c53446bee5ce03284672b4607e4a6ff941cae00ec006411b05a62fbe7a
77a839fdcd5d30ced4fa6ca4dce35057cdb7e31f420b1f89fec3491cdf8c3f84
7c02414475c188cc62a793923692165850ecdccf3db027796726918e573660f4
7f274b3440266accc0ce02c3e6b819b980044ce748e3bc7e2c41ef88d8e47b63
83de4b8fb218ece4dc1c59006f00e44aaee17e78923c65ba66acf0ad41a7a5cc
85dd35c4ece840b12ce39fa89be8c1a1a8d190cb6cb8614f4f7778c68284bf28
87d683ea3dda6066a1310b46c0e7bceec150db90ef0f33de34b15270f189479c
937bb449ddf8e05599ce1a44a41a414c4fbc8c03f20d7d56a88d82ad2fa06f62
94b716148002d6617a091b5fbb37b44f5c579cab5845f6a14b4b2fa8f875cd06
9cbf748e68bf2fb8da497de517cbd7826d44c6b278cec89e22a9e13e193e4ded
9f1cb4af215bea1d20e63989d2bc87cd3b6daf71af4e59b6ab7875154cecbceb
a1bd30bee0c4193ae03ce416e750f17b757b175b3b6390126b91a53d8f599392
a44916104bb5f04456fe1c25c52534e66fea63257485d851286ce0597979e78f
a69ae0fff67c1a5e2e470cd2411f25fbf3ca119243db34edbf4bd2e887ebcf8f
aa335caf443e0ba51c9152b38aa3131b8624b09545bae25c4650a205b1059207
b18c67c183da5eadf9f83380721ed6abd89f0707d57980f8a0e98a83e2b47f67
b1a3a59ad5936980da3b2b533a6d6d7bfe15d7d1a84a2a7016176039a95f3658
b27718b0495bdcff98dc2358a0cf76271178c7e83b000f336610fc8994316ef1
b711585f391ac5f348dc41253cf4ffba5d49ed997c17170c1fe2498ff13ea817
b78de46be1aa7cb9f8c429bde4d202a358c1651ae0cc6217cbfd79097793d894
b9d5ce7773dac38eff9082e13c7bc4307a7c4ba5e76cd95a2eb0faa0de662e34
bba6e970191ef66c071c255bcbbb9ec78fb67212fa1c4a13f4fa1b6b96a5604f
bd531b92552887f8f650ff541b35c099b6efb3c189e6bf1e5083c6b38a8d150e
c0eadb5eb6ca47c35791250e31d41b66d9e7098ee6e74a3af1d4b75f5d11164e
c71ec4694ae236bf07f3468b519ddc9fb9a4a459ad407c7e51a1f11d9ab14d8d
ccc879574756f32c9592427da6cd1248dd799b84b8ffaa746adcf447b17860a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed1744324b3aad05fe51ed96e388004a4716276884a66b9abd5cef359140d5
ea8c1cbf9732fae6a42b6261c238014eab34943fac5a34711081a62b7cc2eba9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6ad8750b8ff72f993d9c45d51e02f31aa20834a48f78644953949afa7a6f8ca
f7def5e768873eeff538e227c35b5159aeaf003b481c5709d7f9b3396435e4da
f9701947fb902dff07757bda56dfe6d79ce2fcf11e94c2a64837bbbb05a25de7
fe083388f76e3adf62d2125ca792e750c814b06694f2362469ac82bb34a8e970
fe83861fc5774c3bc0022bdb4e2b88f2384eed4eaf81c5d6bd7b779524b5d7ca

www.theregister.com Open in urlscan Pro 104.18.4.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

108 Requests

94 %HTTPS

87 %IPv6

8 Domains

15 Subdomains

16 IPs

2 Countries

1402 kBTransfer

3940 kBSize

12 Cookies

19 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.theregister.com Open in urlscan Pro
104.18.4.22 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

94 %
HTTPS

87 %
IPv6

8
Domains

15
Subdomains

16
IPs

2
Countries

1402 kB
Transfer

3940 kB
Size

12
Cookies

108 HTTP transactions
5 data transactions