www.bleepingcomputer.com Open in urlscan Pro
104.20.60.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac
Effective URL:
https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/
Submission: On March 28 via manual (March 28th 2023, 5:50:54 pm UTC) from US — Scanned from DE

Summary HTTP 102 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 20 domains to perform 102 HTTP transactions. The main IP is 104.20.60.209, located in and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com. The Cisco Umbrella rank of the primary domain is 55401.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 11th 2022. Valid for: a year.

This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	104.20.59.241 104.20.59.241	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:310... 2606:4700:3108::ac42:28e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	54.201.215.5 54.201.215.5	16509 (AMAZON-02) (AMAZON-02)
2	104.20.60.209 104.20.60.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
7	172.67.75.139 172.67.75.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.224.189.32 13.224.189.32	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:3fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.88 18.66.112.88	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.112 65.9.95.112	16509 (AMAZON-02) (AMAZON-02)
13	18.66.147.31 18.66.147.31	16509 (AMAZON-02) (AMAZON-02)
1 5	104.18.23.41 104.18.23.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	104.18.22.41 104.18.22.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.203.130.15 18.203.130.15	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
102	26

19 104.20.59.241 (None, )

ASN13335 (CLOUDFLARENET, US)

feedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s1.feedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.feedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:28e6 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.calendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o115706.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.201.215.5 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-215-5.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.60.209 (None, )

ASN13335 (CLOUDFLARENET, US)

www.bleepingcomputer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.75.139 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bleepstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.189.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-32.fra2.r.cloudfront.net

sp.bleepingcomputer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:3fc (United States)

ASN13335 (CLOUDFLARENET, US)

amp.cntxcdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-88.fra56.r.cloudfront.net

ccpa.sp-prod.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-112.prg50.r.cloudfront.net

gdpr-tcfv2.sp-prod.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.66.147.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-31.fra60.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.23.41 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.22.41 (None, )

ASN13335 (CLOUDFLARENET, US)

ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.130.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com

s.srvsynd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 396	301 KB
19	feedly.com feedly.com — Cisco Umbrella Rank: 36626 s1.feedly.com — Cisco Umbrella Rank: 95588 api.feedly.com — Cisco Umbrella Rank: 58822	1 MB
13	privacy-mgmt.com cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4776	89 KB
7	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 2811 cds.connatix.com — Cisco Umbrella Rank: 2831 capi.connatix.com — Cisco Umbrella Rank: 2413 ins.connatix.com — Cisco Umbrella Rank: 3953 vid.connatix.com Failed	293 KB
7	bleepstatic.com www.bleepstatic.com — Cisco Umbrella Rank: 88749	874 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1026 q.stripe.com — Cisco Umbrella Rank: 6139 m.stripe.com — Cisco Umbrella Rank: 1097	126 KB
5	bleepingcomputer.com www.bleepingcomputer.com — Cisco Umbrella Rank: 55401 sp.bleepingcomputer.com	33 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25 region1.google-analytics.com Failed	20 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 758 syndication.twitter.com — Cisco Umbrella Rank: 1090	132 KB
2	srvsynd.com s.srvsynd.com — Cisco Umbrella Rank: 13413	3 KB
2	sp-prod.net ccpa.sp-prod.net — Cisco Umbrella Rank: 12398 gdpr-tcfv2.sp-prod.net — Cisco Umbrella Rank: 22724	65 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1133	17 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	112 KB
1	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	26 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 imasdk.googleapis.com Failed	1 KB
1	cntxcdm.com amp.cntxcdm.com — Cisco Umbrella Rank: 27324	2 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
1	sentry.io o115706.ingest.sentry.io — Cisco Umbrella Rank: 93043	273 B
1	calendly.com assets.calendly.com — Cisco Umbrella Rank: 11909	16 KB
102	20

	Domain	Requested by
19	cdn.ampproject.org	www.bleepingcomputer.com cdn.ampproject.org
13	cdn.privacy-mgmt.com	gdpr-tcfv2.sp-prod.net cdn.privacy-mgmt.com
9	s1.feedly.com	feedly.com
8	api.feedly.com	s1.feedly.com
7	www.bleepstatic.com	www.bleepingcomputer.com
4	www.google-analytics.com	s1.feedly.com cdn.ampproject.org
3	sp.bleepingcomputer.com	cdn.ampproject.org sp.bleepingcomputer.com
3	q.stripe.com	feedly.com
3	js.stripe.com	s1.feedly.com js.stripe.com
2	s.srvsynd.com	cd.connatix.com s.srvsynd.com
2	ins.connatix.com	cd.connatix.com
2	capi.connatix.com	amp.cntxcdm.com cd.connatix.com
2	cds.connatix.com	amp.cntxcdm.com cd.connatix.com
2	www.bleepingcomputer.com	s1.feedly.com cdn.ampproject.org
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.googletagmanager.com	s1.feedly.com
2	platform.twitter.com	s1.feedly.com platform.twitter.com
2	feedly.com	s1.feedly.com
1	securepubads.g.doubleclick.net	cd.connatix.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	client
1	cd.connatix.com	1 redirects
1	gdpr-tcfv2.sp-prod.net	sp.bleepingcomputer.com
1	ccpa.sp-prod.net	sp.bleepingcomputer.com
1	amp.cntxcdm.com	cdn.ampproject.org
1	m.stripe.com	m.stripe.network
1	syndication.twitter.com	platform.twitter.com
1	pagead2.googlesyndication.com	s1.feedly.com
1	o115706.ingest.sentry.io	s1.feedly.com
1	assets.calendly.com	feedly.com
0	vid.connatix.com Failed	cd.connatix.com
0	imasdk.googleapis.com Failed	cd.connatix.com
0	region1.google-analytics.com Failed	www.googletagmanager.com
102	33

This site contains links to these domains. Also see Links.

Domain
deals.bleepingcomputer.com
www.proofpoint.com

Subject Issuer	Validity	Valid
*.feedly.com GeoTrust TLS RSA CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
calendly.com Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.ingest.sentry.io R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
bleepingcomputer.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-11` - `2023-05-11`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-16` - `2023-05-16`	a year	crt.sh
adsparc-consent.gpblog.com R3	`2023-03-16` - `2023-06-14`	3 months	crt.sh
*.sp-prod.net R3	`2023-02-17` - `2023-05-18`	3 months	crt.sh
*.privacy-mgmt.com Amazon RSA 2048 M02	`2022-11-07` - `2023-12-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2022-08-22` - `2023-09-23`	a year	crt.sh
srvsynd.com R3	`2023-02-03` - `2023-05-04`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/
Frame ID: 0E8D9EDB29905E06689A741CCE9EAD9E
Requests: 61 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: F40455273D58AD8D7550C7A791B43C6B
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ffeedly.com
Frame ID: 8CFB98862D1781D293C85FF336E2B72E
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 72C9555A1C5AFC9B97CCD232E5BFC440
Requests: 4 HTTP requests in this frame

Frame: https://amp.cntxcdm.com/amp-embed/index.html?playerId=ps_067e5169-ece3-4ce8-87ad-c7961b8bb396&mediaId=d59f5d0c-2087-416a-821c-141798bc501e&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-icedid-variants-shift-from-bank-fraud-to-malware-delivery%2Famp%2F
Frame ID: EBE7A094F1862DE15BEC1C0D5E5B1DE2
Requests: 6 HTTP requests in this frame

Frame: https://sp.bleepingcomputer.com/amp/index.html?authId=amp-Vp75drAjN8i3V2gbYqV5FQ
Frame ID: 6A9C080B4760140D2B22406FAFD7C7CD
Requests: 8 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?message_id=741752&consentUUID=69a8085e-947e-4a53-a694-197a5fd8ffab&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsp.bleepingcomputer.com%2Fmms%2Fv2
Frame ID: 872DDA83C0E1E5744D6CB120DD7E684C
Requests: 7 HTTP requests in this frame

Frame: https://cds.connatix.com/p/249471/connatix.playspace.dc.js
Frame ID: EE0A72A89B73AB73F8CEA4302E9E7F75
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New IcedID variants shift from bank fraud to malware delivery

Page URL History Show full URLs

https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51... Page URL
https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/... Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Calendly (Appointment scheduling) Expand

Overall confidence: 100%
Detected patterns

https://assets\.calendly\.com/assets/external/widget\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

102
Requests

95 %
HTTPS

40 %
IPv6

20
Domains

33
Subdomains

26
IPs

4
Countries

3508 kB
Transfer

9844 kB
Size

19
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://deals.bleepingcomputer.com/
Title: Deals

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/blog/threat-insight/fork-ice-new-era-icedid
Title: Proofpoint

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/blog/threat-insight/comprehensive-look-emotets-fall-2022-return
Title: “Lite” variant

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac Page URL
https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/249471/connatix.playspace.dc.js

102 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac Show response
feedly.com/i/entry/52n1/z/ 18 KB
7 KB 210ms
173ms Document
text/html 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40375ae12c012227bde9a74c8d21c71300efe3d4a667201ed39e310c0c4614ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7af1b7ab7e362bba-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Tue, 28 Mar 2023 17:50:47 GMT
etag: W/"ffd1acbd8c21d96c"
last-modified: Tue, 28 Mar 2023 10:35:32 -0700
server: cloudflare
vary: accept-encoding
x-content-type-options: nosniff
x-feedly-processing-time: 0
x-feedly-server: ap3int-sv2
x-frame-options: SAMEORIGIN

GET
H2 200 Merriweather-Regular.ttf
s1.feedly.com/fonts/ 152 KB
153 KB 66ms
24ms Font
application/octet-stream 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.feedly.com/fonts/Merriweather-Regular.ttf
Requested by: Host: feedly.com
URL: https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc38fe756b3e259248183fc0b75ad81b02774f3ca68e5e544e925827b0186d40

Request headers

Referer: https://feedly.com/
Origin: https://feedly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:47 GMT
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1646251613
age: 7225487
x-guploader-uploadid: ADPycds5ELsFzKpFMS8TX9nJrq3bg-kSAkup-WPh0IRghoKJmAK_yy92hs1SEu2SdY-Qr72IZuPFmNV8CVg0NAjBeM190d7HHp1L
x-goog-storage-class: STANDARD
x-goog-metageneration: 180
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 156096
last-modified: Wed, 02 Mar 2022 20:09:09 GMT
server: cloudflare
etag: "f96a44b40f99ae4b63f275f1142f7c98"
vary: Accept-Encoding
x-goog-generation: 1646251749631218
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=5U/6Ow==, md5=+WpEtA+Zrktj8nXxFC98mA==
access-control-expose-headers: Cache-Control,Content-Language,Content-Length,Content-Type,Expires,Last-Modified,Pragma
cache-control: public, max-age=7776000
x-goog-stored-content-length: 156096
accept-ranges: bytes
cf-ray: 7af1b7accb492c4d-FRA
expires: Mon, 03 Apr 2023 07:46:25 GMT

GET
H2 200 widget.js Show response
assets.calendly.com/assets/external/ 44 KB
16 KB 255ms
223ms Script
application/javascript 2606:4700:3108::ac42:28e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/widget.js

Requested by

Host: feedly.com
URL: https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f410a3f7fd756255808c81acc7244e4682a90f15e941a1eba37065aa6cf7abd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2023 22:02:33 GMT
cf-bgj: minify
server: cloudflare
age: 61
etag: W/"5ba33f379a2674de9ffc1cb27f39d7d6"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=300
cf-ray: 7af1b7accc6d2ba4-FRA
expires: Wed, 29 Mar 2023 17:50:48 GMT

GET
H2 200 5668.98faf0223837173fe78e.js Show response
s1.feedly.com/web/main/ 225 KB
75 KB 28ms
28ms Script
application/javascript 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.feedly.com/web/main/5668.98faf0223837173fe78e.js
Requested by: Host: feedly.com
URL: https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ac67a38f00e60960e2b7bac2aaf589746a474fbc55d72d5620f4cf760ceab38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:47 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1680024740
age: 840
x-guploader-uploadid: ADPycdvUlMgdMLTQJVPP1JoYAMhm5LDCQQxKtMzfs3yRMWJ-PWOKNB1D2Cby2UfFDKbVOHvkHPt1vzmoerhX7b1SH7_IUA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Mar 2023 17:32:40 GMT
server: cloudflare
etag: W/"74da5d4f71bd4a8d9bebe0a5acfbd2ca"
vary: Accept-Encoding
x-goog-generation: 1680024760124220
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=K62qcA==, md5=dNpdT3G9So2b6+ClrPvSyg==
access-control-expose-headers: Cache-Control,Content-Language,Content-Length,Content-Type,Expires,Last-Modified,Pragma
cache-control: public, max-age=1296000
x-goog-stored-content-length: 230326
cf-ray: 7af1b7ad19882bba-FRA
expires: Wed, 12 Apr 2023 17:35:34 GMT

GET
H3 200 boot.c043733ab5924439217d.js Show response
s1.feedly.com/web/main/ 5 KB
3 KB 30ms
30ms Script
application/javascript 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.feedly.com/web/main/boot.c043733ab5924439217d.js
Requested by: Host: feedly.com
URL: https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8839b10c626bf0782f56b89e282d9354a26c672b2f5b4b7f3367f358376bc6c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:47 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1680024740
age: 884
x-guploader-uploadid: ADPycds0T3Y4VM0U3a1R-fX0RSdthtuO0JqnE0BKMy5pkH5z9wPfxpsyeZgiEMV3goVys1RrHC_bqRTi3U8chzw8KzSuyw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Mar 2023 17:32:40 GMT
server: cloudflare
etag: W/"ae54d68c44605186e691b1a79d65cf7a"
vary: Accept-Encoding
x-goog-generation: 1680024760687836
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=7y9XJA==, md5=rlTWjERgUYbmkbGnnWXPeg==
access-control-expose-headers: Cache-Control,Content-Language,Content-Length,Content-Type,Expires,Last-Modified,Pragma
cache-control: public, max-age=1296000
x-goog-stored-content-length: 5038
cf-ray: 7af1b7ad5d3b9bee-FRA
expires: Wed, 12 Apr 2023 17:35:34 GMT

GET
H3 200 5224.2eeeddb03999ecab2020.js Show response
s1.feedly.com/web/main/ 1 MB
399 KB 37ms
36ms Script
application/javascript 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.feedly.com/web/main/5224.2eeeddb03999ecab2020.js
Requested by: Host: feedly.com
URL: https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44c63e74a97584b8a3e76dddc9819dcfd72480c7b8a22b243ebd15f18547ab82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:47 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1680024740
age: 884
x-guploader-uploadid: ADPycduWw0XnzTCfyajueslGQdU2XMYhYhry3RkJUD_z1RO2ClXSOynaoYRlZPBTbqRndkksh1YH-gW-RrrIryjutvNxBC1IhVE4
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Mar 2023 17:32:40 GMT
server: cloudflare
etag: W/"fd623aa748367aede29381d5eeba544a"
vary: Accept-Encoding
x-goog-generation: 1680024760180882
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=FzQsiA==, md5=/WI6p0g2eu3ik4HV7rpUSg==
access-control-expose-headers: Cache-Control,Content-Language,Content-Length,Content-Type,Expires,Last-Modified,Pragma
cache-control: public, max-age=1296000
x-goog-stored-content-length: 1481878
cf-ray: 7af1b7ad8d909bee-FRA
expires: Wed, 12 Apr 2023 17:35:34 GMT

GET
H3 200 main.b6c7b048199867fede8f.js Show response
s1.feedly.com/web/main/ 2 MB
595 KB 36ms
35ms Script
application/javascript 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.feedly.com/web/main/main.b6c7b048199867fede8f.js
Requested by: Host: feedly.com
URL: https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af91676b6e0f138704a2275517c79d71946de80104a536a60f1a1ae64bf3033

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:48 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1680024740
age: 885
x-guploader-uploadid: ADPycdtu_yFS6ZFqldvDx43jmnyKTL-6Zlpi2PDb5jrbxL-F3Xob5xO1Tn4ihwngbWupCSGd2UwTNQh2MZYvKxVWyZzv
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Mar 2023 17:32:42 GMT
server: cloudflare
etag: W/"d5fbdb6a913d9545e8e03644a18ab74c"
vary: Accept-Encoding
x-goog-generation: 1680024762465952
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=8VmVSw==, md5=1fvbapE9lUXo4DZEoYq3TA==
access-control-expose-headers: Cache-Control,Content-Language,Content-Length,Content-Type,Expires,Last-Modified,Pragma
cache-control: public, max-age=1296000
x-goog-stored-content-length: 2318978
cf-ray: 7af1b7ae1e709bee-FRA
expires: Wed, 12 Apr 2023 17:35:34 GMT

GET
H2 200 main.f11cfa193dc2dd433c16.css
s1.feedly.com/web/main/ 385 KB
101 KB 50ms
34ms Stylesheet
text/css 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.feedly.com/web/main/main.f11cfa193dc2dd433c16.css
Requested by: Host: feedly.com
URL: https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 316409397ddfa14595c7564f7116ac7f6d6183513c8534e600771dcf32c344f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:47 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1680024740
age: 840
x-guploader-uploadid: ADPycduf070Lit8UG9dW5IZUlKy15rP_fEMIGYceNU2oClBJb-Fc7NDdWfb179vuolabQCCloV257Dk3aAVLi2_PBqqQkw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Mar 2023 17:32:42 GMT
server: cloudflare
etag: W/"23858ba2bdf55e604f40893bdfe071d8"
vary: Accept-Encoding
x-goog-generation: 1680024762196300
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=pei2TQ==, md5=I4WLor31XmBPQIk73+Bx2A==
access-control-expose-headers: Cache-Control,Content-Language,Content-Length,Content-Type,Expires,Last-Modified,Pragma
cache-control: public, max-age=1296000
x-goog-stored-content-length: 394611
cf-ray: 7af1b7aca8b42bba-FRA
expires: Wed, 12 Apr 2023 17:35:34 GMT

GET
H3 200 oops.png
s1.feedly.com/images/ 10 KB
10 KB 23ms
22ms Image
image/png 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.feedly.com/images/oops.png
Requested by: Host: feedly.com
URL: https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 092000b0af2e4207b7e0770219f6360ceee0d284d25470f2313196831f1aa7c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:48 GMT
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1665607810
age: 718769
x-guploader-uploadid: ADPycdsZ7nS8-IyihVH1e2MHz6-YcQeufJotA_m4gs7xS3mXF97EaXAh0zg1pu267WpoJ3qcKVBT_IgNxFp7FtmyY7sOmw
x-goog-storage-class: STANDARD
x-goog-metageneration: 79
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9956
last-modified: Wed, 12 Oct 2022 20:51:45 GMT
server: cloudflare
etag: "0069069d26bb8bd6126f5a97fbd30820"
vary: Accept-Encoding
x-goog-generation: 1665607904870414
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=2HmJZQ==, md5=AGkGnSa7i9YSb1qX+9MIIA==
access-control-expose-headers: Cache-Control, Content-Language, Content-Length, Content-Type, Date, Expires, Last-Modified, Pragma, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1296000
x-goog-stored-content-length: 9956
accept-ranges: bytes
cf-ray: 7af1b7ae4eb49bee-FRA
expires: Mon, 03 Apr 2023 13:45:29 GMT

POST
H2 200 / Show response
o115706.ingest.sentry.io/api/5412567/envelope/ 2 B
273 B 64ms
14ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o115706.ingest.sentry.io/api/5412567/envelope/?sentry_key=222380091fe845a6b01d307286b512da&sentry_version=7&sentry_client=sentry.javascript.react%2F7.45.0

Requested by

Host: s1.feedly.com
URL: https://s1.feedly.com/web/main/5668.98faf0223837173fe78e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://feedly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 28 Mar 2023 17:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://feedly.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H3 200 2459.ae7979d3798d2b50dab2.js Show response
s1.feedly.com/web/main/ 2 KB
2 KB 21ms
21ms Script
application/javascript 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.feedly.com/web/main/2459.ae7979d3798d2b50dab2.js
Requested by: Host: feedly.com
URL: https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf781d1d517d80481c6149b616fe60fa70fca8409162b1d1c87513cd4bdbb6d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:48 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1680024740
age: 885
x-guploader-uploadid: ADPycdvHcWVIXN6tfn4SyeWCHbNT0sgB1h-_Q8GuIZtddJO-EI-FgWcKnwMWWkh2hp70DTUrv7I-xJ_XsujrvnrvkgvfU8qsLK45
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Mar 2023 17:32:40 GMT
server: cloudflare
etag: W/"4b84d3a7c6f1ee203f8c7fbb636bef1d"
vary: Accept-Encoding
x-goog-generation: 1680024759974807
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=icHGxg==, md5=S4TTp8bx7iA/jH+7Y2vvHQ==
access-control-expose-headers: Cache-Control,Content-Language,Content-Length,Content-Type,Expires,Last-Modified,Pragma
cache-control: public, max-age=1296000
x-goog-stored-content-length: 1733
cf-ray: 7af1b7afb9419bee-FRA
expires: Wed, 12 Apr 2023 17:35:37 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 452 KB
122 KB 46ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: s1.feedly.com
URL: https://s1.feedly.com/web/main/2459.ae7979d3798d2b50dab2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bd3137a5fa9b8646bf5513c7ad4990ee5e0cd136950bef8a62005acfed7647d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 17:50:48 GMT
via: 1.1 varnish
age: 12
x-cache: HIT
content-length: 124520
x-request-id: 70e889a8-1feb-44ef-8132-3ba4c5a286f1
x-served-by: cache-hhn-etou8220021-HHN
last-modified: Tue, 28 Mar 2023 17:28:48 GMT
server: Fastly
etag: "4751c3093290441ab490cb4776c0e0e7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

OPTIONS
H2 204 contents
api.feedly.com/v3/streams/ Frame 0
0 607ms
591ms Preflight 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.feedly.com/v3/streams/contents?streamId=feed%2Fhttps%3A%2F%2Fblog.feedly.com%2Fcategory%2Ffeatures-tutorials%2Ffeed%2F&count=1&ranked=newest&similar=true&findUrlDuplicates=true&ck=1680025848439&ct=feedly.desktop&cv=31.0.1769
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://feedly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: HEAD, GET, PUT, POST, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://feedly.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7af1b7b0dbdb2c4d-FRA
date: Tue, 28 Mar 2023 17:50:49 GMT
last-modified: Tue Mar 28 10:50:48 PDT 2023
pragma: no-cache
server: cloudflare
vary: Origin Access-Control-Request-Headers
x-feedly-server: ap13int-sv2

OPTIONS
H2 204 feed%2Fhttps%3A%2F%2Fblog.feedly.com%2Fcategory%2Ffeatures-tutorials%2Ffeed%2F
api.feedly.com/v3/feeds/ Frame 0
0 605ms
592ms Preflight 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.feedly.com/v3/feeds/feed%2Fhttps%3A%2F%2Fblog.feedly.com%2Fcategory%2Ffeatures-tutorials%2Ffeed%2F?ck=1680025848442&ct=feedly.desktop&cv=31.0.1769
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://feedly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: HEAD, GET, PUT, POST, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://feedly.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7af1b7b0dbdd2c4d-FRA
date: Tue, 28 Mar 2023 17:50:49 GMT
last-modified: Tue Mar 28 10:50:48 PDT 2023
pragma: no-cache
server: cloudflare
vary: Origin Access-Control-Request-Headers
x-feedly-server: ap9int-sv2

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 46ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: s1.feedly.com
URL: https://s1.feedly.com/web/main/main.b6c7b048199867fede8f.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 17:50:48 GMT
Content-Encoding: gzip
Age: 477
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/6723)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 371ms
97ms Fetch
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: s1.feedly.com
URL: https://s1.feedly.com/web/main/5668.98faf0223837173fe78e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48351
x-xss-protection: 0
server: cafe
etag: 13357150214943757141
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 17:50:48 GMT

GET
H3 200 contents Show response
api.feedly.com/v3/streams/ 6 KB
2 KB 197ms
196ms XHR
application/json 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.feedly.com/v3/streams/contents?streamId=feed%2Fhttps%3A%2F%2Fblog.feedly.com%2Fcategory%2Ffeatures-tutorials%2Ffeed%2F&count=1&ranked=newest&similar=true&findUrlDuplicates=true&ck=1680025848439&ct=feedly.desktop&cv=31.0.1769
Requested by: Host: s1.feedly.com
URL: https://s1.feedly.com/web/main/5668.98faf0223837173fe78e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff8aa66a64790b35bffe6f299fad48c03e16e60ffabd11f7eeb19552b3ac9609

Request headers

Referer: https://feedly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 17:50:49 GMT
content-encoding: br
x-feedly-server: ap12int-sv2
cf-cache-status: DYNAMIC
last-modified: Tue Mar 28 10:50:49 PDT 2023
server: cloudflare
vary: origin,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://feedly.com
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials: true
x-feedly-processing-time: 5
cf-ray: 7af1b7b499339bee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 36ms
9ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: s1.feedly.com
URL: https://s1.feedly.com/web/main/main.b6c7b048199867fede8f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 16:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6337
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 28 Mar 2023 18:05:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
70 KB 58ms
31ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7BLKHS9WWP

Requested by

Host: s1.feedly.com
URL: https://s1.feedly.com/web/main/main.b6c7b048199867fede8f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e888676a7d0f967f0cbc4d412fd6078b50df8edfab0f6b0e6c785c1bc9204e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Mar 2023 17:50:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
42 KB 48ms
21ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MGR5P7J

Requested by

Host: s1.feedly.com
URL: https://s1.feedly.com/web/main/main.b6c7b048199867fede8f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07db184a1a8ca8be7d1a39ee906db7df8a475eb552a1f90aa1ea9e92a02d41d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43060
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 16:49:13 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 17:50:48 GMT

GET
H3 200 feed%2Fhttps%3A%2F%2Fblog.feedly.com%2Fcategory%2Ffeatures-tutorials%2Ffeed%2F Show response
api.feedly.com/v3/feeds/ 891 B
749 B 173ms
173ms XHR
application/json 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.feedly.com/v3/feeds/feed%2Fhttps%3A%2F%2Fblog.feedly.com%2Fcategory%2Ffeatures-tutorials%2Ffeed%2F?ck=1680025848442&ct=feedly.desktop&cv=31.0.1769
Requested by: Host: s1.feedly.com
URL: https://s1.feedly.com/web/main/5668.98faf0223837173fe78e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ddae51548c637bc373c5e100574927f4a6f90b30b8f3b3bc919dc4f2c35e696

Request headers

Referer: https://feedly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 17:50:49 GMT
content-encoding: br
x-feedly-server: ap8int-sv2
cf-cache-status: DYNAMIC
last-modified: Tue Mar 28 10:50:49 PDT 2023
server: cloudflare
vary: origin,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://feedly.com
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials: true
x-feedly-processing-time: 1
cf-ray: 7af1b7b499349bee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame F404 200 B
787 B 12ms
12ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://feedly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 9560745
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 17:50:48 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 07 Dec 2022 23:30:12 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 643691
x-content-type-options: nosniff
x-request-id: a7265c95-30ba-49b9-b988-b060e545e087
x-served-by: cache-hhn-etou8220021-HHN

GET
H3 200 3265.52aa91874703c895c2d6.js Show response
s1.feedly.com/web/main/ 3 KB
2 KB 22ms
21ms Script
application/javascript 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.feedly.com/web/main/3265.52aa91874703c895c2d6.js
Requested by: Host: feedly.com
URL: https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9745ff6d46c5530df03c5111446030446581d4035d79a0bb62012f9d744e3a82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:48 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1680024740
age: 702
x-guploader-uploadid: ADPycdugEuUObF2mVfmqH1es1ZmggITyYw7hJYDfVYSMY-CfAqb6nVeatdl5Jvw_n7TQa6zuKjIjNO3F9YdmUJyXA-s5747SQycy
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Mar 2023 17:32:40 GMT
server: cloudflare
etag: W/"2af6442cfefc628baf353645fde402d2"
vary: Accept-Encoding
x-goog-generation: 1680024760061067
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=xKpu9A==, md5=KvZELP78YouvNTZF/eQC0g==
access-control-expose-headers: Cache-Control,Content-Language,Content-Length,Content-Type,Expires,Last-Modified,Pragma
cache-control: public, max-age=1296000
x-goog-stored-content-length: 2833
cf-ray: 7af1b7b0fb5f9bee-FRA
expires: Wed, 12 Apr 2023 17:39:06 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame F404 0
640 B 555ms
185ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: feedly.com
URL: https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Mar 2023 17:50:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 8
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680025848934578
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F404 0
641 B 553ms
184ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: feedly.com
URL: https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Mar 2023 17:50:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 8
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680025848934806
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F404 631 B
468 B 9ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 17:50:48 GMT
via: 1.1 varnish
age: 9560744
x-cache: HIT
content-length: 332
x-request-id: 14744105-449b-44c6-bcb4-a7353f6475ee
x-served-by: cache-hhn-etou8220021-HHN
last-modified: Wed, 07 Dec 2022 23:30:11 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 581147

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 8CFB 320 KB
104 KB 10ms
10ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ffeedly.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://feedly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1112282
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Mar 2023 17:50:48 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/675D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 72C9 930 B
1 KB 21ms
10ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 79
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 17:50:48 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 105
x-content-type-options: nosniff
x-request-id: 7b644e5a-5d93-4599-b9e9-815b834352b2
x-served-by: cache-hhn-etou8220021-HHN
x-timer: S1680025849.555559,VS0,VE0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
142 B 18ms
17ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=858700651&t=pageview&_s=1&dl=https%3A%2F%2Ffeedly.com%2Fi%2Fentry%2F52n1%2Fz%2FlTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ%3D_18724909a2b%3A47f0b0b%3Ac51640ac&dp=entry%2F52n1%2Fz%2FlTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ%3D_18724909a2b%3A47f0b0b%3Ac51640ac&ul=en-us&de=UTF-8&dt=Feedly%20%E2%80%93%20Keep%20up%20with%20the%20topics%20and%20trends%20you%20care%20about&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAEI~&jid=1110492870&gjid=738686257&cid=442340730.1680025848&tid=UA-50514009-6&_gid=481054310.1680025848&_r=1&_slc=1&z=99230717

Requested by

Host: s1.feedly.com
URL: https://s1.feedly.com/web/main/5668.98faf0223837173fe78e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://feedly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 17:50:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://feedly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 9ms
8ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=858700651&t=event&_s=2&dl=https%3A%2F%2Ffeedly.com%2Fi%2Fentry%2F52n1%2Fz%2FlTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ%3D_18724909a2b%3A47f0b0b%3Ac51640ac&ul=en-us&de=UTF-8&dt=Feedly%20%E2%80%93%20Keep%20up%20with%20the%20topics%20and%20trends%20you%20care%20about&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=awareness&ea=do&_u=aEDAAEABAAAAACAEI~&jid=&gjid=&cid=442340730.1680025848&tid=UA-50514009-6&_gid=481054310.1680025848&z=30082207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 85537
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 AWARENESS:web
api.feedly.com/v3/dailycounter/ 1 B
313 B 592ms
592ms XHR
text/plain 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.feedly.com/v3/dailycounter/AWARENESS:web?ck=1680025848547&ct=feedly.desktop&cv=31.0.1769
Requested by: Host: s1.feedly.com
URL: https://s1.feedly.com/web/main/5668.98faf0223837173fe78e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://feedly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 17:50:49 GMT
x-feedly-server: ap13int-sv2
cf-cache-status: DYNAMIC
last-modified: Tue Mar 28 10:50:49 PDT 2023
server: cloudflare
vary: Origin
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://feedly.com
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials: true
x-feedly-processing-time: 0
cf-ray: 7af1b7b53a569bee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1

OPTIONS
H2 204 AWARENESS:web
api.feedly.com/v3/dailycounter/ Frame 0
0 600ms
600ms Preflight 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.feedly.com/v3/dailycounter/AWARENESS:web?ck=1680025848547&ct=feedly.desktop&cv=31.0.1769
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://feedly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: HEAD, GET, PUT, POST, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://feedly.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7af1b7b16d272c4d-FRA
date: Tue, 28 Mar 2023 17:50:49 GMT
last-modified: Tue Mar 28 10:50:49 PDT 2023
pragma: no-cache
server: cloudflare
vary: Origin Access-Control-Request-Headers
x-feedly-server: ap3int-sv2

GET
H3 200 52n1%2Fz%2FlTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ%3D_18724909a2b%3A47f0b0b%3Ac51640ac
api.feedly.com/v3/entries/ 2 KB
1 KB 587ms
587ms XHR
application/json 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.feedly.com/v3/entries/52n1%2Fz%2FlTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ%3D_18724909a2b%3A47f0b0b%3Ac51640ac?ck=1680025848557&ct=feedly.desktop&cv=31.0.1769
Requested by: Host: s1.feedly.com
URL: https://s1.feedly.com/web/main/5668.98faf0223837173fe78e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://feedly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 17:50:49 GMT
content-encoding: br
x-feedly-server: ap1int-sv2
cf-cache-status: DYNAMIC
last-modified: Tue Mar 28 10:50:49 PDT 2023
server: cloudflare
vary: origin,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://feedly.com
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials: true
x-feedly-processing-time: 1
cf-ray: 7af1b7b53a629bee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 204 52n1%2Fz%2FlTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ%3D_18724909a2b%3A47f0b0b%3Ac51640ac
api.feedly.com/v3/entries/ Frame 0
0 595ms
595ms Preflight 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.feedly.com/v3/entries/52n1%2Fz%2FlTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ%3D_18724909a2b%3A47f0b0b%3Ac51640ac?ck=1680025848557&ct=feedly.desktop&cv=31.0.1769
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://feedly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: HEAD, GET, PUT, POST, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://feedly.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7af1b7b17d3d2c4d-FRA
date: Tue, 28 Mar 2023 17:50:49 GMT
last-modified: Tue Mar 28 10:50:49 PDT 2023
pragma: no-cache
server: cloudflare
vary: Origin Access-Control-Request-Headers
x-feedly-server: ap15int-sv2

POST
H2 200 csp-report
q.stripe.com/ Frame 72C9 0
414 B 442ms
185ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: feedly.com
URL: https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Tue, 28 Mar 2023 17:50:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-client-envoy-start-time-us: 1680025848934639
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 8
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 8CFB 663 B
605 B 163ms
118ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=251e7dc9c5b658755caf9e162577c86f8fa9738b

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Ffeedly.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-response-time: 110
date: Tue, 28 Mar 2023 17:50:48 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 28 Mar 2023 17:50:48 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 9967f313a482b9d8
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 58fa0acb046cc3781e9a9eafd5db73033966040a97fe88207c6c9f0699dd04a8
content-length: 284

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 72C9 86 KB
16 KB 16ms
16ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 28 Mar 2023 17:50:48 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 21
x-cache: HIT
content-length: 16031
x-request-id: 2e3a91ce-5cfb-44a3-b3d3-af21886c0b06
x-served-by: cache-hhn-etou8220021-HHN
server: Fastly
x-timer: S1680025849.612111,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 30

POST
H2 200 6 Show response
m.stripe.com/ Frame 72C9 156 B
633 B 789ms
413ms XHR
application/json 54.201.215.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.215.5 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-215-5.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a3cee6eb743b7ba39410869f8261cd59d19f24d4e90db9031990b42e7f87ef86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 28 Mar 2023 17:50:49 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680025849149836
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1680025849149468
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H3 200 amplitude Show response
feedly.com/ 94 B
290 B 227ms
226ms Fetch
application/json 104.20.59.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://feedly.com/amplitude

Requested by

Host: s1.feedly.com
URL: https://s1.feedly.com/web/main/5668.98faf0223837173fe78e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.20.59.241 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48b81c24701d6842120185e052aa6d07247b28db12132fbf759924b4c1469310

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://feedly.com/i/entry/52n1/z/lTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ=_18724909a2b:47f0b0b:c51640ac
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Mar 2023 17:50:49 GMT
strict-transport-security: max-age=15768000
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-642328f9-52d730f940f2a152063aa15e
cf-ray: 7af1b7b61ba29bee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Primary Request / Show response
www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/ 42 KB
10 KB 1033ms
988ms Document
text/html 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/

Requested by

Host: s1.feedly.com
URL: https://s1.feedly.com/web/main/3265.52aa91874703c895c2d6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6238b9b8fd6c313354f75d140c7d92663e75458e4c8cac11d9894a113432ff3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://feedly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7af1b7b939833a86-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Tue, 28 Mar 2023 17:50:50 GMT
expires: 0
last-modified: Mon, 27 Mar 2023 19:25:04 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN

POST collect
region1.google-analytics.com/g/ 0
0

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 151ms
93ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3be0dcb64ce9c91194d3990067637bec66036c527ead4150f642d73418fda12

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 17:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9655
x-xss-protection: 0
server: sffe
etag: "d091ee8410bc582a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:50:50 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 88ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab841009e2a27ca090fc374de555dee3e1db92bf131c4c9b63a025117a3251

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 17:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4798
x-xss-protection: 0
server: sffe
etag: "b50aef83da7cec04"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:50:50 GMT

GET
H2 200 amp-consent-0.1.js Show response
cdn.ampproject.org/v0/ 58 KB
18 KB 70ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-consent-0.1.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b6f6104cfd7e04d00a5ae495c955dcff509508d285d88b8a0f70152ffc5abf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 17:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17708
x-xss-protection: 0
server: sffe
etag: "f71d81fa1cb6fb6b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:50:50 GMT

GET
H2 200 amp-geo-0.1.js Show response
cdn.ampproject.org/v0/ 12 KB
4 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-geo-0.1.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d273ffa0de05bff34a563e95cdce28afe589df8cc3492173f93c99c233702f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 17:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4453
x-xss-protection: 0
server: sffe
etag: "6f81178a52ba7dff"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=1800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:50:50 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
9 KB 73ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bcb6f03385e4fd67a3537f6191dc019e325ab8064517ec102a60b5f25ea0aa7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 17:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8958
x-xss-protection: 0
server: sffe
etag: "0b9dbf61f7ff4a95"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:50:50 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
23 KB 77ms
26ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad63e0dbabc00f8a0496e13c188e063cd35b08beaea237eec6a67944d6fdc7bd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 17:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23092
x-xss-protection: 0
server: sffe
etag: "0dbf707ff9f23b7f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:50:50 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26be28313858b1b2f63c168f46e818ab77cfa077a28c1688644b853a144c3f55

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 17:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10295
x-xss-protection: 0
server: sffe
etag: "55c1726f8dfa5dda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:50:50 GMT

GET
H2 200 amp-fx-flying-carpet-0.1.js Show response
cdn.ampproject.org/v0/ 7 KB
3 KB 27ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-fx-flying-carpet-0.1.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c23d7fc8e13f41fd7ffa0fa4cadda61974b784eff6ac4fcec31d71f81d77745f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 17:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2543
x-xss-protection: 0
server: sffe
etag: "47d32ee5a742df13"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:50:50 GMT

GET
H2 200 amp-connatix-player-0.1.js Show response
cdn.ampproject.org/v0/ 12 KB
4 KB 34ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-connatix-player-0.1.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e48da3317ce23d67a0113bf76664fdcfc29f9b2393936abbff8b81e6960035

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 17:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4214
x-xss-protection: 0
server: sffe
etag: "8c0fed7f494a1b16"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:50:50 GMT

GET
H2 200 amp-access-0.1.js Show response
cdn.ampproject.org/v0/ 57 KB
17 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-access-0.1.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b29a604faee00f1eb2d17c49ba2f85921f786d3d987566a365312df049aef8af

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 17:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17057
x-xss-protection: 0
server: sffe
etag: "614877366d183b45"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:50:50 GMT

GET
H2 200 amp-access-scroll-0.1.js Show response
cdn.ampproject.org/v0/ 20 KB
7 KB 28ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-access-scroll-0.1.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01d7cd20ae48276595d251c4b717223ec84f82f14dc578caac0c4c45f9a79a33

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 17:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6883
x-xss-protection: 0
server: sffe
etag: "a3907c453d6469ce"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:50:50 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
31 KB 37ms
32ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c08e4934ae4c7818d41f0dff0712b7e54b8d507ae0cc2bb6ef883a7ec5e5ca

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 17:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32057
x-xss-protection: 0
server: sffe
etag: "972da368acb7d622"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:50:50 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53e5ce6b2351efc14fb7d6becebaf224ab84ebb49ca66aac8060f721e6589eeb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 17:50:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72700
x-xss-protection: 0
server: sffe
etag: "629cb52c72f9013c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 28 Mar 2023 17:50:50 GMT

GET
H2 200 calendar.png
www.bleepstatic.com/images/site/ 86 B
441 B 65ms
17ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/calendar.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 427824
cf-polished: origFmt=png, origSize=129
content-disposition: inline; filename="calendar.webp"
content-length: 86
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BbyJHvbxEeNYfFxoiC4CSq%2BhqNo%2Bem5d5YzgRcpmxfnQPeMDIKVH7O2ET0cYPzgVAwZSVTQtemFgBaNrsyuMpoVOi1haKAe1VL6xq0PDDER9jfOv8d%2FRpX214ITaI2lDI97qGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7af1b7bfdae89bd4-FRA
expires: Sat, 22 Apr 2023 19:00:26 GMT

GET
H2 200 clock.png
www.bleepstatic.com/images/site/ 252 B
629 B 65ms
18ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/clock.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 305226
cf-polished: origFmt=png, origSize=1316
content-disposition: inline; filename="clock.webp"
content-length: 252
cf-bgj: imgq:85,h2pri
last-modified: Fri, 29 May 2015 07:08:14 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Loa57jQSdm80%2F4bUIO9uIGLANeXn%2Bx1EgoWR7hDzBjnvdwpROro0DyTQX0B20GWMbfUbtNckFeTo0u%2FMH%2FZ7puoxldYZ1x3q4MLtU4cu93vFGYZfzLpb9DUYB7g1AVLxHZyhYNo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7af1b7bfdaeb9bd4-FRA
expires: Mon, 24 Apr 2023 05:03:44 GMT

GET
H2 200 h4-bg.png
www.bleepstatic.com/images/site/ 38 B
593 B 63ms
16ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/h4-bg.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144872
cf-polished: origFmt=png, origSize=72
content-disposition: inline; filename="h4-bg.webp"
content-length: 38
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gz7JONWvXszdN435gOpZd%2FAgCfjRfUMxJnhkDO54coebbY9xblMUJlnA4xdpX%2Fgn7MuOVYRg3tl3xrw62sl249kb8Bxo1b4U09D%2FSZmFRbgxv%2Fj%2BKHQx%2BG6tCpUIZPDJ4%2FMvd20%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7af1b7bfdaec9bd4-FRA
expires: Wed, 26 Apr 2023 01:36:18 GMT

GET
H2 200 logo.png
www.bleepstatic.com/images/site/ 1 KB
1 KB 16ms
15ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/logo.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420236
cf-polished: origFmt=png, origSize=1882
content-disposition: inline; filename="logo.webp"
content-length: 1152
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Mar 2017 04:12:00 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgd2Q9tThmsk8GVnB27V0zwvS9fVxh91f%2Bjh3gbMzMjSXKHBh%2FcXszJDd9F1TDDcCF1aUrjSHU16L2s2IXR4BRNBBfqynw3zte1kqPW5OB5jyticGQ1YgAsf%2FUVVxPA2Lo6Cd2M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7af1b7c08c3b9bd4-FRA
expires: Sat, 22 Apr 2023 21:06:54 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 malware-header.jpg
www.bleepstatic.com/content/hl-images/2022/05/05/ 124 KB
124 KB 17ms
16ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2022/05/05/malware-header.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fa6cb5db3859a99ebca3781fb4d1690c5a8880b3ae2a6a5d6505a91d8ced1fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144519
cf-polished: qual=85, origFmt=jpeg, origSize=385026
content-disposition: inline; filename="malware-header.webp"
content-length: 126894
cf-bgj: imgq:85,h2pri
last-modified: Thu, 05 May 2022 14:27:36 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyrl9D8Z7vjSrvMqxctf4N7M%2FhtIGdOBeh2WthcUhLejto2qVOZkGUH%2FvJ7cLQWJVTHobpDs8oDc361aG1fgbB6fLCGDomP2Lr4Z8kvmv87P1ZACUqD%2FOsFImpt4Hy6n9Ls0tmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7af1b7c08c3d9bd4-FRA
expires: Wed, 26 Apr 2023 01:42:10 GMT

GET
H2 200 clusters.png
www.bleepstatic.com/images/news/u/1220909/2023/Malware/22/ 294 KB
295 KB 40ms
40ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/news/u/1220909/2023/Malware/22/clusters.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17b98b3fb3fca21bc091742cbf9253dc382f32a999c0315d36f80d5ab9c180bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 80413
cf-polished: origFmt=png, origSize=485390
content-disposition: inline; filename="clusters.webp"
content-length: 301042
cf-bgj: imgq:85,h2pri
last-modified: Mon, 27 Mar 2023 11:44:19 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d14%2Fg%2BNG4t0dOpQWZ3LM6yphU5KHAg0DtMAfl2KWp8StjayYsX939CjmX5IGPK3ZhNIoSAM6ZrzODprAzBFeqegQJtp4TlLMfSNw%2FBFJZirWyT29ZLpebPF3I3%2FzTYkwnxYuKSk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7af1b7c08c3f9bd4-FRA
expires: Wed, 26 Apr 2023 19:30:36 GMT

GET
H2 200 one-note.png
www.bleepstatic.com/images/news/u/1220909/2023/Malware/22/ 451 KB
452 KB 41ms
40ms Image
image/webp 172.67.75.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/news/u/1220909/2023/Malware/22/one-note.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5173dad50bd846e641bed579b86efad4b39fc9683707318cf387b5ac37be9d1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 80377
cf-polished: origFmt=png, origSize=713261
content-disposition: inline; filename="one-note.webp"
content-length: 462040
cf-bgj: imgq:85,h2pri
last-modified: Mon, 27 Mar 2023 11:44:22 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jjfC37SKEl6p%2Bi%2FvJaXFUW1OHR1cTGRmGdmOxCVsh1fwOOXrAP%2Fn41VoPdsh4drhws%2FYvYLEhuwkzxlOlBcBbwtE270vIXqC5x5dfzagyzVWDg8RgRIaGKHNMo7RZuGeggBjjg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7af1b7c08c419bd4-FRA
expires: Wed, 26 Apr 2023 19:31:12 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012303151529000/v0/ 8 KB
3 KB 42ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151529000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28386caebd744e1fe92aba2bca68f77e77f54c6000ac4edf14b3dd4cfd83cac1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
Origin: https://www.bleepingcomputer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 21 Mar 2023 20:16:53 GMT
age: 596038
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2991
x-xss-protection: 0
server: sffe
etag: "4cdfc9f14b142ad9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 20 Mar 2024 20:16:53 GMT

POST
H2 200 / Show response
sp.bleepingcomputer.com/wrapper/tcfv2/v1/amp-v2/ 73 B
623 B 107ms
16ms Fetch
application/json 13.224.189.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.bleepingcomputer.com/wrapper/tcfv2/v1/amp-v2/?authId=amp-Vp75drAjN8i3V2gbYqV5FQ&__amp_source_origin=https%3A%2F%2Fwww.bleepingcomputer.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-32.fra2.r.cloudfront.net

Software

/ Express

Resource Hash

33066c3870b09478cc08461aaacb2159ebc51c79872440690b44570db9634bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.bleepingcomputer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Tue, 28 Mar 2023 17:50:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
x-cache: Miss from cloudfront
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length: 73
x-amz-cf-id: e0vOUkNRcxbreJhvhA5weEytpkhvwnJaMz8ZfnkEtUhVIDrN1phdmw==

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012303151529000/v0/ 12 KB
4 KB 18ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151529000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bac2f6087e11a12a3bc674e9f45aaae103ddf213a5d02eed15454cae1b181226

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
Origin: https://www.bleepingcomputer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 21 Mar 2023 20:16:45 GMT
age: 596046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3934
x-xss-protection: 0
server: sffe
etag: "cc4d353ae2c33fe8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 20 Mar 2024 20:16:45 GMT

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 666df6b58ed258a39995d5a62841b537e67860d4b0a11096f0b2366e661571d5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 595 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34bb1c7ca084facdfd4822c3dd2d0f3f483ad2d071c52d30e54af52ae62deb02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012303151529000/v0/ 239 KB
63 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151529000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1b95b99b813dcfbaf67905c752db4e31893aa83490c975368e4272f88163c2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
Origin: https://www.bleepingcomputer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 21 Mar 2023 20:16:54 GMT
age: 596037
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64507
x-xss-protection: 0
server: sffe
etag: "54949f51eb5d5e64"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 20 Mar 2024 20:16:54 GMT

GET
H2 200 index.html Show response
amp.cntxcdm.com/amp-embed/ Frame EBE7 3 KB
2 KB 471ms
403ms Document
text/html 2606:4700::6812:3fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.cntxcdm.com/amp-embed/index.html?playerId=ps_067e5169-ece3-4ce8-87ad-c7961b8bb396&mediaId=d59f5d0c-2087-416a-821c-141798bc501e&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-icedid-variants-shift-from-bank-fraud-to-malware-delivery%2Famp%2F
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-connatix-player-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:3fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b95095c2cc3c21094dfac58fa1c0d4fc95b7b5e544d8bce3d16c8a74a40c7b8

Request headers

Referer: https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7af1b7c13c013680-FRA
content-encoding: gzip
content-type: text/html
date: Tue, 28 Mar 2023 17:50:51 GMT
last-modified: Wed, 15 Mar 2023 12:16:04 GMT
server: cloudflare
x-amz-id-2: ye3bRW+3GCpYf/tG4wl2llgr0KnJ4Zs1V3RhbX5jp/M52Rk0LSP+r9f9ZpIuL0QcdsLM9rKj6UA=
x-amz-request-id: GJ70MYX97F0V0X34
x-amz-server-side-encryption: AES256

GET
H3 200 amp-lightbox-gallery-0.1.js Show response
cdn.ampproject.org/rtv/012303151529000/v0/ 65 KB
19 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151529000/v0/amp-lightbox-gallery-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de70d71e721d9cbb5d5a8ad971b97bcd280b23a5e43e98b30b07187e8fe4de8c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
Origin: https://www.bleepingcomputer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 21 Mar 2023 20:16:45 GMT
age: 596046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19080
x-xss-protection: 0
server: sffe
etag: "952be877ef648130"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 20 Mar 2024 20:16:45 GMT

GET
H2 200 index.html Show response
sp.bleepingcomputer.com/amp/ Frame 6A9C 7 KB
3 KB 10ms
9ms Document
text/html 13.224.189.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.bleepingcomputer.com/amp/index.html?authId=amp-Vp75drAjN8i3V2gbYqV5FQ
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-consent-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-32.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63b114cf855f78413b765bc2e94cd3725c9c313c1bb63e488223372c59462f15

Request headers

Referer: https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2554
content-encoding: gzip
content-type: text/html
date: Tue, 28 Mar 2023 17:08:29 GMT
etag: W/"0a48f80e0d566db05978015f184f49be"
last-modified: Thu, 02 Feb 2023 15:53:50 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-id: 1dh7dF1Uw9EelLzHp-SugTzPVZuhwB3MPLZokJC208Kborl_6dtf3g==
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 sourcepoint_amp.js Show response
sp.bleepingcomputer.com/amp/dist/ Frame 6A9C 16 KB
4 KB 9ms
9ms Script
application/javascript 13.224.189.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.bleepingcomputer.com/amp/dist/sourcepoint_amp.js
Requested by: Host: sp.bleepingcomputer.com
URL: https://sp.bleepingcomputer.com/amp/index.html?authId=amp-Vp75drAjN8i3V2gbYqV5FQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-32.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e4aeffb346c619d09d4ef2275d63674e7e86ef3a730f884e732daef749c7fdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sp.bleepingcomputer.com/amp/index.html?authId=amp-Vp75drAjN8i3V2gbYqV5FQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:19:17 GMT
content-encoding: gzip
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified: Thu, 02 Feb 2023 15:53:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 1906
x-amz-server-side-encryption: AES256
etag: W/"82c81cff2a96048af0bcfc183ee53a00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: DJ11GA1DYqtEYrnxjFE_Nbu87A_jURWn5P8TUsbTtHhTtKIbtLmohQ==

GET
H2 200 ccpa.js Show response
ccpa.sp-prod.net/ Frame 6A9C 55 KB
19 KB 48ms
8ms Script
application/javascript 18.66.112.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ccpa.sp-prod.net/ccpa.js
Requested by: Host: sp.bleepingcomputer.com
URL: https://sp.bleepingcomputer.com/amp/index.html?authId=amp-Vp75drAjN8i3V2gbYqV5FQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2314c48342ad7cc6027df1d72315ab46e781cb118d08127f7d658bb06b9f213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sp.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:48:52 GMT
content-encoding: gzip
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:12:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 120
etag: W/"03d1c1f6642064c8fc51daa6d457d3dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: Lpi7KbyHeBW902S-4A3RTdvRHvw3uRvmJJ-qgEH_XKMKmKd23I6zEw==

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
gdpr-tcfv2.sp-prod.net/ Frame 6A9C 165 KB
47 KB 50ms
8ms Script
text/javascript 65.9.95.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Requested by: Host: sp.bleepingcomputer.com
URL: https://sp.bleepingcomputer.com/amp/dist/sourcepoint_amp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-112.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67c020636e0b1eda3fe0b956769f00bafd5866ffff3434bd6fa889b2f57f4dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sp.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
date: Tue, 28 Mar 2023 16:55:15 GMT
last-modified: Thu, 12 Jan 2023 16:02:52 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 3337
x-amz-server-side-encryption: AES256
etag: W/"839238acc19b6d0f7cf406188cc8da38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 1HM9nFVhX8ZEsUumOgI7r7NniuEHAjFebO45VdSahYGgIHzrwDCIRw==

GET
H2 200 consent-status Show response
cdn.privacy-mgmt.com/consent/tcfv2/consent/v3/17105/ Frame 6A9C 22 KB
2 KB 20ms
20ms XHR
application/json 18.66.147.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/consent/tcfv2/consent/v3/17105/consent-status?hasCsp=true&authId=amp-Vp75drAjN8i3V2gbYqV5FQ&accountId=1638&withSiteActions=true

Requested by

Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-31.fra60.r.cloudfront.net

Software

Resource Hash

c427612d60d6ac15495d6a95e1746e48d2411b2bf482f84deb43c4a9e20c5106

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://sp.bleepingcomputer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Mar 2023 17:50:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: cBBqzpOzCWgvMGLix-KqsvrbeGgHSIuiXSIitkiImwLSVQuTSOekvQ==

GET
H2 200 latest-version Show response
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame 6A9C 206 B
698 B 26ms
26ms XHR
application/json 18.66.147.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/latest-version?siteId=17105&accountId=1638&hasCsp=true

Requested by

Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-31.fra60.r.cloudfront.net

Software

Resource Hash

8a6335dafef7d655074498ea565eb906865886d07640d8c3fc92e5f9502c6948

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://sp.bleepingcomputer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Mar 2023 17:50:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, s-maxage=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 206
x-amz-cf-id: uAzIUMWKDW-0PZEx9btX2AQWIhC1ebEMC_8MxiHqIvlPehljKY4UHA==

OPTIONS
H2 200 consent-status
cdn.privacy-mgmt.com/consent/tcfv2/consent/v3/17105/ Frame 0
0 53ms
14ms Preflight
text/html 18.66.147.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/consent/tcfv2/consent/v3/17105/consent-status?hasCsp=true&authId=amp-Vp75drAjN8i3V2gbYqV5FQ&accountId=1638&withSiteActions=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-31.fra60.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://sp.bleepingcomputer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
allow: GET,HEAD
cache-control: no-cache
content-length: 8
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 17:50:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-id: LGXcQNE9-oMy2TeylMMzZ1n6LDwz2PdOqCcmnBKWY9lxXd5_2_nv7A==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront

OPTIONS
H2 200 latest-version
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame 0
0 65ms
27ms Preflight
text/plain 18.66.147.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/latest-version?siteId=17105&accountId=1638&hasCsp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-31.fra60.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://sp.bleepingcomputer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=0, s-maxage=600
content-length: 2
content-type: text/plain; charset=utf-8
date: Tue, 28 Mar 2023 17:50:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-id: 8-SScUqPVoIrFe8TuaqbSwsl_qd1oDC-cnnNW4LgItUmqRJX8tyBMw==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront

GET
H2 200 new-user Show response
cdn.privacy-mgmt.com/wrapper/tcfv2/v2/gdpr/native-message/ Frame 6A9C 34 KB
5 KB 71ms
70ms XHR
application/json 18.66.147.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/tcfv2/v2/gdpr/native-message/new-user?hasCsp=true&env=prod&body=%7B%22propertyId%22%3A17105%2C%22accountId%22%3A1638%2C%22propertyHref%22%3A%22https%3A%2F%2Famp.bleepingcomputer.com%22%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsp.bleepingcomputer.com%22%2C%22targetingParams%22%3A%22%7B%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22hasConsentData%22%3Afalse%2C%22consentedToAll%22%3Afalse%2C%22consentedToAny%22%3Anull%2C%22rejectedAny%22%3Anull%2C%22legalBasisChanges%22%3Afalse%2C%22vendorListAdditions%22%3Afalse%7D&nonkeyed=%7B%22_sp_v1_uid%22%3Anull%2C%22_sp_v1_data%22%3Anull%7D&scriptVersion=2.5.0&scriptType=tcfv2

Requested by

Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-31.fra60.r.cloudfront.net

Software

/ Express

Resource Hash

af66bc89979761dc99af570c54c1bd4c0773a5b341bbf1bc6f4f9accc1b0e826

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://sp.bleepingcomputer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Mar 2023 17:50:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, s-maxage=1200
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: qeD3JZKG0sYQNX6f6JbZ5zUPgvkYA2vwO7lb3NnHRhqzdVcNvTnFjg==

OPTIONS
H2 200 new-user
cdn.privacy-mgmt.com/wrapper/tcfv2/v2/gdpr/native-message/ Frame 0
0 18ms
17ms Preflight
text/plain 18.66.147.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-31.fra60.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://sp.bleepingcomputer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=86400, s-maxage=1200
content-length: 2
content-type: text/plain; charset=utf-8
date: Tue, 28 Mar 2023 17:50:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-id: jDNjyZtnoZC-Oqv1HMQzSNfuH7ZEIhA0BivJbhrFI15wAEQZhqwEvA==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
x-powered-by: Express

OPTIONS
H2 200 pv-data
cdn.privacy-mgmt.com/consent/tcfv2/consent/v2/data-pipeline/ Frame 0
0 14ms
14ms Preflight
text/html 18.66.147.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/consent/tcfv2/consent/v2/data-pipeline/pv-data?hasCsp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-31.fra60.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sp.bleepingcomputer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
allow: POST
cache-control: no-cache
content-length: 4
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 17:50:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-id: wg2EnZUSkEopp4vK0lZTTlLuHGvBu2pZz2JwCHNxZmLErBhVBJKjew==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront

POST
H2 200 pv-data Show response
cdn.privacy-mgmt.com/consent/tcfv2/consent/v2/data-pipeline/ Frame 6A9C 685 B
1 KB 12ms
12ms XHR
application/json 18.66.147.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/consent/tcfv2/consent/v2/data-pipeline/pv-data?hasCsp=true

Requested by

Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-31.fra60.r.cloudfront.net

Software

Resource Hash

2f1f00ab2248bdf9339c820e5aedd8a58e2fc1f637c58b10885e70828981f32e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://sp.bleepingcomputer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Mar 2023 17:50:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 685
x-amz-cf-id: 6wLyrsy8MXFSCH75-ZmfxSD8XK-wi1fqOiDp_ayyZGNrcfZoxnmnyA==

GET
H2 200 index.html Show response
cdn.privacy-mgmt.com/ Frame 872D 4 KB
2 KB 29ms
8ms Document
text/html 18.66.147.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/index.html?message_id=741752&consentUUID=69a8085e-947e-4a53-a694-197a5fd8ffab&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsp.bleepingcomputer.com%2Fmms%2Fv2
Requested by: Host: gdpr-tcfv2.sp-prod.net
URL: https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-31.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b6ef2a2ff5a4d970620e02b429548dfb6acbf6e63a7ef4065502251d8433f00

Request headers

Referer: https://sp.bleepingcomputer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 243
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html
date: Tue, 28 Mar 2023 17:46:49 GMT
etag: W/"56ced6c92a94bd4ee47d5c270e624599"
last-modified: Thu, 02 Mar 2023 17:33:18 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-cf-id: IiangNjcrkW6wX1aCDrSpvyupsoZ4PnVuQsOdcxYROERzNDrJbg4Xw==
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 Notice.cebe9.css
cdn.privacy-mgmt.com/ Frame 872D 33 KB
6 KB 12ms
9ms Stylesheet
text/css 18.66.147.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/Notice.cebe9.css
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=741752&consentUUID=69a8085e-947e-4a53-a694-197a5fd8ffab&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsp.bleepingcomputer.com%2Fmms%2Fv2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-31.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bd12e30c80ebaa26b56c4b2d9c16dc9b4f533a10b27271568c774c718644478

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/index.html?message_id=741752&consentUUID=69a8085e-947e-4a53-a694-197a5fd8ffab&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsp.bleepingcomputer.com%2Fmms%2Fv2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:10:03 GMT
content-encoding: gzip
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
last-modified: Thu, 02 Mar 2023 17:33:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 2448
x-amz-server-side-encryption: AES256
etag: W/"2906e24155ed9b893ffa1589740821ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600
x-amz-cf-id: dgrxlK7eEymuD7BYZZhrhAvi4mdWrobfzq3Av2p3H0_YdMU7762QPw==

GET
H2 200 polyfills.d36c5.js Show response
cdn.privacy-mgmt.com/ Frame 872D 5 KB
2 KB 13ms
11ms Script
text/javascript 18.66.147.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/polyfills.d36c5.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=741752&consentUUID=69a8085e-947e-4a53-a694-197a5fd8ffab&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsp.bleepingcomputer.com%2Fmms%2Fv2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-31.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/index.html?message_id=741752&consentUUID=69a8085e-947e-4a53-a694-197a5fd8ffab&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsp.bleepingcomputer.com%2Fmms%2Fv2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:20:10 GMT
content-encoding: gzip
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
last-modified: Thu, 02 Mar 2023 17:33:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 1841
x-amz-server-side-encryption: AES256
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: YDJOVhthdIj-d5ZhVfotbUpUvEuo1CORWsLanDA-rmlEjUmu-ziVHg==

GET
H2 200 Notice.3712f.js Show response
cdn.privacy-mgmt.com/ Frame 872D 262 KB
69 KB 14ms
12ms Script
text/javascript 18.66.147.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/Notice.3712f.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=741752&consentUUID=69a8085e-947e-4a53-a694-197a5fd8ffab&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsp.bleepingcomputer.com%2Fmms%2Fv2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-31.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4c2b200550ff5b1c078b2eb9cb177145904a01b23e84cde65721369a85362dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/index.html?message_id=741752&consentUUID=69a8085e-947e-4a53-a694-197a5fd8ffab&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsp.bleepingcomputer.com%2Fmms%2Fv2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:43:25 GMT
content-encoding: gzip
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
last-modified: Thu, 02 Mar 2023 17:33:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 447
x-amz-server-side-encryption: AES256
etag: W/"93ded739e3803e21694d7a33dfe765e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 3pDsD3BvuZsrdoXGip7Z85l4iccZH6jDNgiokQYdwOymZXXzH_jCAQ==

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/249471/ Frame EE0A
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/249471/connatix.playspace.dc.js

1 MB
269 KB

64ms
42ms

Script
application/javascript

104.18.23.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/249471/connatix.playspace.dc.js
Requested by: Host: amp.cntxcdm.com
URL: https://amp.cntxcdm.com/amp-embed/index.html?playerId=ps_067e5169-ece3-4ce8-87ad-c7961b8bb396&mediaId=d59f5d0c-2087-416a-821c-141798bc501e&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-icedid-variants-shift-from-bank-fraud-to-malware-delivery%2Famp%2F
Protocol: H2
Server: 104.18.23.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b363385144f97a32346c895947fb29566b1f5715ec25266a39da5165a2704b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:51 GMT
x-amz-version-id: w4hyTlzhumQaa2tNZxW2pKAZxVg80n79
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Mar 2023 14:43:54 GMT
server: cloudflare
etag: W/"4bd1970eaaf3feee90f677b4c7d98cf7"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 7af1b7c529ca3810-FRA
access-control-allow-headers: range
expires: Wed, 27 Mar 2024 17:50:51 GMT

Redirect headers

date: Tue, 28 Mar 2023 17:50:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
location: https://cds.connatix.com/p/249471/connatix.playspace.dc.js
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 7af1b7c428473810-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 si
capi.connatix.com/tr/ Frame EBE7 0
330 B 194ms
140ms Image
application/json 104.18.23.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=067e5169-ece3-4ce8-87ad-c7961b8bb396
Requested by: Host: amp.cntxcdm.com
URL: https://amp.cntxcdm.com/amp-embed/index.html?playerId=ps_067e5169-ece3-4ce8-87ad-c7961b8bb396&mediaId=d59f5d0c-2087-416a-821c-141798bc501e&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-icedid-variants-shift-from-bank-fraud-to-malware-delivery%2Famp%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.23.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amp.cntxcdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7af1b7c42fc33a88-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ Frame 872D 8 KB
1 KB 42ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9dc8e62b83994a1eda313381316790cec86d097f2c843ae416a097747864382b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Mar 2023 17:50:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 16:21:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Mar 2023 17:50:51 GMT

GET
H2 403 $$logo_url$$
cdn.privacy-mgmt.com/ Frame 872D 243 B
243 B 389ms
389ms Image
application/xml 18.66.147.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.privacy-mgmt.com/$$logo_url$$
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=741752&consentUUID=69a8085e-947e-4a53-a694-197a5fd8ffab&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsp.bleepingcomputer.com%2Fmms%2Fv2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-31.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b793b6a45ea13df9a4582252c0d9d11a7610e643977347dd8bc0c27cd16d191

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/index.html?message_id=741752&consentUUID=69a8085e-947e-4a53-a694-197a5fd8ffab&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fcdn.privacy-mgmt.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsp.bleepingcomputer.com%2Fmms%2Fv2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:51 GMT
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: 0mQNEhLCixJywp0RvNNQPNe5-tlzlYW-S_K4OYkVi6Vay8ktnXHZlg==
x-cache: Error from cloudfront
content-type: application/xml

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 872D 44 KB
44 KB 38ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cdn.privacy-mgmt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 26387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:04 GMT

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/249471/ Frame EBE7 114 KB
17 KB 25ms
19ms Stylesheet
text/css 104.18.23.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/249471/connatix.playspace.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.23.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98b5c89940e91458aa4bd1a015b3c0427776a87c21425cda1b3cca922dea07c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amp.cntxcdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:51 GMT
x-amz-version-id: jLTuTWF6TGWEavn4WkPUXcCZ15_mcedl
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Mar 2023 14:43:54 GMT
server: cloudflare
etag: W/"4b106ce1432d0c45bdc634c57b072a20"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 7af1b7c61b333810-FRA
access-control-allow-headers: range
expires: Wed, 27 Mar 2024 17:50:51 GMT

POST
H2 200 story Show response
capi.connatix.com/core/ Frame EE0A 10 KB
4 KB 184ms
184ms XHR
application/x-protobuf 104.18.23.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=249471
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.23.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c38ae5b5f42c697ae67c66538c8f644db37b74fd896696f033553484d2a934e6

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 28 Mar 2023 17:50:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://amp.cntxcdm.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7af1b7c64a2a3a88-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012303151529000/v0/analytics-vendors/ 2 KB
812 B 9ms
8ms Fetch
application/json 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151529000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bleepingcomputer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 21 Mar 2023 20:16:37 GMT
age: 596055
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 782
x-xss-protection: 0
server: sffe
etag: "74735439b139b7a1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 20 Mar 2024 20:16:37 GMT

GET
H3 200 comscore.json Show response
cdn.ampproject.org/rtv/012303151529000/v0/analytics-vendors/ 559 B
311 B 9ms
8ms Fetch
application/json 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151529000/v0/analytics-vendors/comscore.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b913d6f06cebe5484a2bf0de91fa809e331c5b4c7885a8bb67e971f1be57c48

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bleepingcomputer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 21 Mar 2023 21:45:45 GMT
age: 590707
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
server: sffe
etag: "2c276f6543d0f788"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 20 Mar 2024 21:45:45 GMT

POST
H2 200 /
www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/ 71 KB
16 KB 997ms
996ms Ping
text/html 104.20.60.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/?cd=AMP&referrer=https%3A%2F%2Ffeedly.com%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36&title=New%20IcedID%20variants%20shift%20from%20bank%20fraud%20to%20malware%20delivery

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

646c4fe491746f4e92bde40666f98bf8d7a998c454c20f3800995ae4d5353c07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-icedid-variants-shift-from-bank-fraud-to-malware-delivery/amp/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 17:50:53 GMT
content-security-policy: upgrade-insecure-requests;
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 27 Mar 2023 19:25:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7af1b7c729873a86-FRA
expires: 0

POST
H3 200 collect
www.google-analytics.com/r/ 35 B
55 B 15ms
15ms Ping
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%7B%7Btitle%7D%7D&sr=1600x1200&_utmht=1680025852039&cid=amp-sWYXYI46EV43GGOa-m4pjg&tid=UA-91740-1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-icedid-variants-shift-from-bank-fraud-to-malware-delivery%2Famp%2F&dr=https%3A%2F%2Ffeedly.com%2F&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.1346229257868219&_r=1&a=2626&z=0.39478098835305664

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bleepingcomputer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 17:50:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insights.bin Show response
ins.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/13e8d558-d880-495d-8326-7a0fe69b30a3/ Frame EE0A 792 B
781 B 72ms
23ms XHR
application/x-protobuf 104.18.22.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/13e8d558-d880-495d-8326-7a0fe69b30a3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 775f93491e482d4dee1fd95a3071e314d219af0655c8dfe00abfac77ec22519b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Mar 2023 16:59:34 GMT
server: cloudflare
etag: W/"615ccea68cf0520e5a7f951a5eb0dc6b"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 7af1b7c7ff0a2c71-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 27 Mar 2024 17:50:52 GMT

GET
H2 200 insights.bin Show response
ins.connatix.com/d52dda8204f4f2e362d636459d2957e9/ Frame EE0A 360 B
308 B 197ms
149ms XHR
application/x-protobuf 104.18.22.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/d52dda8204f4f2e362d636459d2957e9/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d5df2a4d0c41159b138f3bf89f8a704032906cb67df0ba3a39e7ba05a5b5bd1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Mar 2023 02:23:18 GMT
server: cloudflare
etag: W/"f751576db5f0c4761ff996c5fa3661d3"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 7af1b7c7ff0c2c71-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 27 Mar 2024 17:50:52 GMT

POST sr
capi.connatix.com/tr/ Frame EE0A 0
0

GET
H/1.1 200
OK analytics.js Show response
s.srvsynd.com/2/234175/ Frame EBE7 6 KB
3 KB 173ms
34ms Script
text/javascript 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.bleepingcomputer.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=102734&ti=x1934463048097278276407909285888&de=2&to=3&pv=99b20444-eca8-4712-b87f-1392df49b0b7

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-130-15.eu-west-1.compute.amazonaws.com

Software

Resource Hash

1b41f97c548247092823e9c6ade46ecc4e0abec65268710456b020f2be122aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amp.cntxcdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 17:50:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2841
Expires: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame EBE7 77 KB
26 KB 84ms
59ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

779a3add2468a1c0750dc92e0110ca426f34306ee0d247b9fb93e59981d1d7b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://amp.cntxcdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 17:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25968
x-xss-protection: 0
server: cafe
etag: 992 / 19444 / m202303210101 / config-hash: 14633356674667167543
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 17:50:52 GMT

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame EE0A 0
0

GET 13e8d558-d880-495d-8326-7a0fe69b30a3.bin
vid.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ Frame EE0A 0
0

POST
H/1.1 200
OK postback Show response
s.srvsynd.com/2/2.91.0/234175/AeeO1qAEEeZUL_46/ Frame EBE7 0
145 B 121ms
30ms XHR
text/plain 18.203.130.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.srvsynd.com/2/2.91.0/234175/AeeO1qAEEeZUL_46/postback?oz_pl=1&di=www.bleepingcomputer.com&md=2&de=2&ti=x1934463048097278276407909285888&to=3&pv=99b20444-eca8-4712-b87f-1392df49b0b7&dt=2341751597675869250012&ui=00000000-0000-0000-0000-000000000000&ap=undefined&sr=connatix.com&pp=102734&ci=234175&psv=2.91.0&_x=1
Requested by: Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.bleepingcomputer.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=102734&ti=x1934463048097278276407909285888&de=2&to=3&pv=99b20444-eca8-4712-b87f-1392df49b0b7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.130.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-130-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 28 Mar 2023 17:50:51 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7BLKHS9WWP&gtm=45je33r0&_p=858700651&cid=442340730.1680025848&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680025850&sct=1&seg=0&dl=https%3A%2F%2Ffeedly.com%2Fi%2Fentry%2F52n1%2Fz%2FlTzTmgPyzjwpcQsgAXThWJnzNdlmdUTVJWGQ%3D_18724909a2b%3A47f0b0b%3Ac51640ac&dt=Feedly%20%E2%80%93%20Keep%20up%20with%20the%20topics%20and%20trends%20you%20care%20about&en=user_engagement&_fv=1&_ss=1&ep.debug_mode=false&up.experiments=

Domain: capi.connatix.com
URL: https://capi.connatix.com/tr/sr?v=249471&tier=2

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/13e8d558-d880-495d-8326-7a0fe69b30a3.bin

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.calendly.com/	1970-01-20 10:40:27	Name: __cf_bm Value: VRzZdCc1BpKTmw3_iUYqiyuNrH3aOrN7EzQ7fqZ_X_E-1680025848-0-AfbY/0SqCVMfnW5oaHay6PJTkn5dHpyIWz3GH9QM30HJbuScQKlpQB0YNZxcwOerrEDgGFK/XndTHId/RHsOc10=
.feedly.com/	1970-01-20 19:26:01	Name: AMP_MKTG_9f09d75df8 Value: JTdCJTdE
.feedly.com/	1970-01-20 19:26:01	Name: AMP_9f09d75df8 Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjI0MDc1OTM5OS03OTA3LTQ2NmQtOTc2Ny01MjY2MWM4NzA2MDAlMjIlMkMlMjJ1c2VySWQlMjIlM0FudWxsJTJDJTIyc2Vzc2lvbklkJTIyJTNBMTY4MDAyNTg0ODQ0MSUyQyUyMm9wdE91dCUyMiUzQWZhbHNlJTdE
.feedly.com/	1970-01-20 10:41:52	Name: _gid Value: GA1.2.481054310.1680025848
.feedly.com/	1970-01-20 10:40:25	Name: _gat_unified Value: 1
m.stripe.com/	1970-01-20 20:16:25	Name: m Value: b9be5675-483e-452f-aa71-58aad4997b4ce0e72a
.feedly.com/	1970-01-20 19:26:01	Name: __stripe_mid Value: 7c23f0a3-79d7-40f4-bfb1-d302135e48bc196626
.feedly.com/	1970-01-20 10:40:27	Name: __stripe_sid Value: d35e0fdb-603c-47c5-a83d-cbed421894bacc1525
.bleepingcomputer.com/	1969-12-31 23:59:59	Name: session_id Value: 886323d7496eb724a9a318b4592ed0d4
www.bleepingcomputer.com/	1970-01-20 11:23:37	Name: lav Value: 16448
.feedly.com/	1970-01-20 20:16:25	Name: _ga_7BLKHS9WWP Value: GS1.1.1680025850.1.0.1680025850.0.0.0
.feedly.com/	1970-01-20 20:16:25	Name: _ga Value: GA1.1.442340730.1680025848
.bleepingcomputer.com/	1970-01-20 19:26:01	Name: AMP-CONSENT Value: amp-Vp75drAjN8i3V2gbYqV5FQ
sp.bleepingcomputer.com/	1970-01-20 19:26:01	Name: consentUUID Value: 69a8085e-947e-4a53-a694-197a5fd8ffab
sp.bleepingcomputer.com/	1970-01-20 11:23:37	Name: _sp_v1_uid Value: 1:985:6df52d42-5fa1-4dea-8787-9be55cbbb9ab
sp.bleepingcomputer.com/	1970-01-20 11:23:37	Name: _sp_v1_data Value: 2:565824:1680025851:0:1:0:1:0:0:_:-1
sp.bleepingcomputer.com/	1970-01-20 11:23:37	Name: _sp_v1_ss Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbKKBjLyQAyD2lidGKVUEDOvNCcHyC4BK6iurVWKBQAW54XRMAAAAA%3D%3D
.bleepingcomputer.com/	1970-01-20 19:26:01	Name: comScore Value: amp-wgIFK9w8ugxaGVSH_lmZGw
.bleepingcomputer.com/	1970-01-20 19:26:01	Name: _ga Value: amp-sWYXYI46EV43GGOa-m4pjg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://cdn.privacy-mgmt.com/$$logo_url$$ Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amp.cntxcdm.com
api.feedly.com
assets.calendly.com
capi.connatix.com
ccpa.sp-prod.net
cd.connatix.com
cdn.ampproject.org
cdn.privacy-mgmt.com
cds.connatix.com
feedly.com
fonts.googleapis.com
fonts.gstatic.com
gdpr-tcfv2.sp-prod.net
imasdk.googleapis.com
ins.connatix.com
js.stripe.com
m.stripe.com
m.stripe.network
o115706.ingest.sentry.io
pagead2.googlesyndication.com
platform.twitter.com
q.stripe.com
region1.google-analytics.com
s.srvsynd.com
s1.feedly.com
securepubads.g.doubleclick.net
sp.bleepingcomputer.com
syndication.twitter.com
vid.connatix.com
www.bleepingcomputer.com
www.bleepstatic.com
www.google-analytics.com
www.googletagmanager.com
capi.connatix.com
imasdk.googleapis.com
region1.google-analytics.com
vid.connatix.com
104.18.22.41
104.18.23.41
104.20.59.241
104.20.60.209
104.244.42.200
13.224.189.32
151.101.64.176
172.67.75.139
18.203.130.15
18.66.112.88
18.66.147.31
2606:2800:234:59:254c:406:2366:268c
2606:4700:3108::ac42:28e6
2606:4700::6812:3fc
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
34.120.195.249
54.187.159.182
54.201.215.5
65.9.95.112
01d7cd20ae48276595d251c4b717223ec84f82f14dc578caac0c4c45f9a79a33
07db184a1a8ca8be7d1a39ee906db7df8a475eb552a1f90aa1ea9e92a02d41d2
092000b0af2e4207b7e0770219f6360ceee0d284d25470f2313196831f1aa7c1
09e48da3317ce23d67a0113bf76664fdcfc29f9b2393936abbff8b81e6960035
0d273ffa0de05bff34a563e95cdce28afe589df8cc3492173f93c99c233702f2
0ddae51548c637bc373c5e100574927f4a6f90b30b8f3b3bc919dc4f2c35e696
0e888676a7d0f967f0cbc4d412fd6078b50df8edfab0f6b0e6c785c1bc9204e7
17b98b3fb3fca21bc091742cbf9253dc382f32a999c0315d36f80d5ab9c180bf
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
1b41f97c548247092823e9c6ade46ecc4e0abec65268710456b020f2be122aab
1b6ef2a2ff5a4d970620e02b429548dfb6acbf6e63a7ef4065502251d8433f00
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
26be28313858b1b2f63c168f46e818ab77cfa077a28c1688644b853a144c3f55
28386caebd744e1fe92aba2bca68f77e77f54c6000ac4edf14b3dd4cfd83cac1
2f1f00ab2248bdf9339c820e5aedd8a58e2fc1f637c58b10885e70828981f32e
2fa6cb5db3859a99ebca3781fb4d1690c5a8880b3ae2a6a5d6505a91d8ced1fd
316409397ddfa14595c7564f7116ac7f6d6183513c8534e600771dcf32c344f5
33066c3870b09478cc08461aaacb2159ebc51c79872440690b44570db9634bb7
34bb1c7ca084facdfd4822c3dd2d0f3f483ad2d071c52d30e54af52ae62deb02
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3d5df2a4d0c41159b138f3bf89f8a704032906cb67df0ba3a39e7ba05a5b5bd1
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
40375ae12c012227bde9a74c8d21c71300efe3d4a667201ed39e310c0c4614ae
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c63e74a97584b8a3e76dddc9819dcfd72480c7b8a22b243ebd15f18547ab82
48b81c24701d6842120185e052aa6d07247b28db12132fbf759924b4c1469310
4bd12e30c80ebaa26b56c4b2d9c16dc9b4f533a10b27271568c774c718644478
5173dad50bd846e641bed579b86efad4b39fc9683707318cf387b5ac37be9d1c
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
53e5ce6b2351efc14fb7d6becebaf224ab84ebb49ca66aac8060f721e6589eeb
55b6f6104cfd7e04d00a5ae495c955dcff509508d285d88b8a0f70152ffc5abf
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5af91676b6e0f138704a2275517c79d71946de80104a536a60f1a1ae64bf3033
63b114cf855f78413b765bc2e94cd3725c9c313c1bb63e488223372c59462f15
646c4fe491746f4e92bde40666f98bf8d7a998c454c20f3800995ae4d5353c07
666df6b58ed258a39995d5a62841b537e67860d4b0a11096f0b2366e661571d5
67c020636e0b1eda3fe0b956769f00bafd5866ffff3434bd6fa889b2f57f4dff
6b913d6f06cebe5484a2bf0de91fa809e331c5b4c7885a8bb67e971f1be57c48
6e4aeffb346c619d09d4ef2275d63674e7e86ef3a730f884e732daef749c7fdb
775f93491e482d4dee1fd95a3071e314d219af0655c8dfe00abfac77ec22519b
779a3add2468a1c0750dc92e0110ca426f34306ee0d247b9fb93e59981d1d7b8
7ac67a38f00e60960e2b7bac2aaf589746a474fbc55d72d5620f4cf760ceab38
7b363385144f97a32346c895947fb29566b1f5715ec25266a39da5165a2704b6
7b793b6a45ea13df9a4582252c0d9d11a7610e643977347dd8bc0c27cd16d191
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8839b10c626bf0782f56b89e282d9354a26c672b2f5b4b7f3367f358376bc6c3
8a6335dafef7d655074498ea565eb906865886d07640d8c3fc92e5f9502c6948
8b95095c2cc3c21094dfac58fa1c0d4fc95b7b5e544d8bce3d16c8a74a40c7b8
8bcb6f03385e4fd67a3537f6191dc019e325ab8064517ec102a60b5f25ea0aa7
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
9745ff6d46c5530df03c5111446030446581d4035d79a0bb62012f9d744e3a82
98b5c89940e91458aa4bd1a015b3c0427776a87c21425cda1b3cca922dea07c7
9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949
9dc8e62b83994a1eda313381316790cec86d097f2c843ae416a097747864382b
a3cee6eb743b7ba39410869f8261cd59d19f24d4e90db9031990b42e7f87ef86
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
ad63e0dbabc00f8a0496e13c188e063cd35b08beaea237eec6a67944d6fdc7bd
af66bc89979761dc99af570c54c1bd4c0773a5b341bbf1bc6f4f9accc1b0e826
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2314c48342ad7cc6027df1d72315ab46e781cb118d08127f7d658bb06b9f213
b29a604faee00f1eb2d17c49ba2f85921f786d3d987566a365312df049aef8af
bac2f6087e11a12a3bc674e9f45aaae103ddf213a5d02eed15454cae1b181226
bc38fe756b3e259248183fc0b75ad81b02774f3ca68e5e544e925827b0186d40
bd3137a5fa9b8646bf5513c7ad4990ee5e0cd136950bef8a62005acfed7647d7
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
bf781d1d517d80481c6149b616fe60fa70fca8409162b1d1c87513cd4bdbb6d4
c23d7fc8e13f41fd7ffa0fa4cadda61974b784eff6ac4fcec31d71f81d77745f
c38ae5b5f42c697ae67c66538c8f644db37b74fd896696f033553484d2a934e6
c3be0dcb64ce9c91194d3990067637bec66036c527ead4150f642d73418fda12
c427612d60d6ac15495d6a95e1746e48d2411b2bf482f84deb43c4a9e20c5106
cd1b95b99b813dcfbaf67905c752db4e31893aa83490c975368e4272f88163c2
de70d71e721d9cbb5d5a8ad971b97bcd280b23a5e43e98b30b07187e8fe4de8c
e2c08e4934ae4c7818d41f0dff0712b7e54b8d507ae0cc2bb6ef883a7ec5e5ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c2b200550ff5b1c078b2eb9cb177145904a01b23e84cde65721369a85362dc
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f410a3f7fd756255808c81acc7244e4682a90f15e941a1eba37065aa6cf7abd7
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f6238b9b8fd6c313354f75d140c7d92663e75458e4c8cac11d9894a113432ff3
fcab841009e2a27ca090fc374de555dee3e1db92bf131c4c9b63a025117a3251
ff8aa66a64790b35bffe6f299fad48c03e16e60ffabd11f7eeb19552b3ac9609

www.bleepingcomputer.com Open in urlscan Pro 104.20.60.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

95 %HTTPS

40 %IPv6

20 Domains

33 Subdomains

26 IPs

4 Countries

3508 kBTransfer

9844 kBSize

19 Cookies

3 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bleepingcomputer.com Open in urlscan Pro
104.20.60.209 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

95 %
HTTPS

40 %
IPv6

20
Domains

33
Subdomains

26
IPs

4
Countries

3508 kB
Transfer

9844 kB
Size

19
Cookies

102 HTTP transactions
5 data transactions