www.bleepingcomputer.com Open in urlscan Pro
104.20.59.209 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Submission: On February 05 via api (February 5th 2020, 6:43:09 am UTC) from DE

Summary HTTP 522 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 62 IPs in 7 countries across 42 domains to perform 522 HTTP transactions. The main IP is 104.20.59.209, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 12th 2018. Valid for: 2 years.

This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.20.59.209 104.20.59.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
32	104.26.13.6 104.26.13.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.14.217 151.101.14.217	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:20:... 2606:4700:20::681a:8b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	212.71.236.117 212.71.236.117	63949 (LINODE-AP...) (LINODE-AP Linode)
4	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
9	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:a600:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:b600:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:3a00:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.35.253.19 13.35.253.19	16509 (AMAZON-02) (AMAZON-02)
1	54.88.18.195 54.88.18.195	14618 (AMAZON-AES) (AMAZON-AES)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
3	35.188.71.214 35.188.71.214	15169 (GOOGLE) (GOOGLE)
1	143.204.214.78 143.204.214.78	16509 (AMAZON-02) (AMAZON-02)
8	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
29	52.210.0.3 52.210.0.3	16509 (AMAZON-02) (AMAZON-02)
2 4	104.108.39.228 104.108.39.228	16625 (AKAMAI-AS) (AKAMAI-AS)
6	99.86.0.120 99.86.0.120	16509 (AMAZON-02) (AMAZON-02)
3	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
6	52.73.64.251 52.73.64.251	14618 (AMAZON-AES) (AMAZON-AES)
5	35.226.134.247 35.226.134.247	15169 (GOOGLE) (GOOGLE)
9	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
66	185.33.223.221 185.33.223.221	29990 (ASN-APPNEX) (ASN-APPNEX)
4	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
25	3.124.246.214 3.124.246.214	16509 (AMAZON-02) (AMAZON-02)
4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
9	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
6 18	152.199.22.24 152.199.22.24	15133 (EDGECAST) (EDGECAST)
33	2a02:fa8:8806... 2a02:fa8:8806:12::1430	41041 (VCLK-EU-) (VCLK-EU-)
8	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
4	52.58.48.163 52.58.48.163	16509 (AMAZON-02) (AMAZON-02)
29	69.16.175.10 69.16.175.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	143.204.214.55 143.204.214.55	16509 (AMAZON-02) (AMAZON-02)
6	35.226.36.58 35.226.36.58	15169 (GOOGLE) (GOOGLE)
2	13.35.253.101 13.35.253.101	16509 (AMAZON-02) (AMAZON-02)
29	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
29	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
28	52.18.86.70 52.18.86.70	16509 (AMAZON-02) (AMAZON-02)
1	52.7.20.116 52.7.20.116	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	151.101.113.140 151.101.113.140	54113 (FASTLY) (FASTLY)
28	54.77.114.180 54.77.114.180	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2014	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2006	15169 (GOOGLE) (GOOGLE)
4	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.37.55.184 23.37.55.184	16625 (AKAMAI-AS) (AKAMAI-AS)
4	35.157.209.134 35.157.209.134	16509 (AMAZON-02) (AMAZON-02)
522	62

1 104.20.59.209 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bleepingcomputer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 104.26.13.6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bleepstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s9.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8b (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.71.236.117 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-212-71-236-117.london.nodebalancer.linode.com

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdns.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ck.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:a600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:b600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:3a00:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.19 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-19.fra6.r.cloudfront.net

api.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.88.18.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-18-195.compute-1.amazonaws.com

core.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.188.71.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.71.188.35.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.78 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-78.fra53.r.cloudfront.net

freestar-io.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 52.210.0.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com

vid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.108.39.228 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-39-228.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.0.120 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-0-120.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.73.64.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-64-251.compute-1.amazonaws.com

trk.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.226.134.247 (United States)

ASN15169 (GOOGLE, US)
PTR: 247.134.226.35.bc.googleusercontent.com

prebid.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 185.33.223.221 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 3.124.246.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 152.199.22.24 (United States) 6 redirects

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a02:fa8:8806:12::1430 (Sweden)

ASN41041 (VCLK-EU-, SE)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.95.120.147 (United States)

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

freestar-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.58.48.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-48-163.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 69.16.175.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.55 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-55.fra53.r.cloudfront.net

audit.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.226.36.58 (United States)

ASN15169 (GOOGLE, US)
PTR: 58.36.226.35.bc.googleusercontent.com

c.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.253.101 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-101.fra6.r.cloudfront.net

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

cdn-ssl.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 52.18.86.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com

bc-rtb-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.20.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-20-116.compute-1.amazonaws.com

cluster-na.cdnjquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 54.77.114.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com

vid-io.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ima3vpaid.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.55.184 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-55-184.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.157.209.134 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-209-134.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
114	springserve.com vid.springserve.com vpaid.springserve.com bc-rtb-dub.springserve.com vid-io.springserve.com	3 MB
70	adnxs.com ib.adnxs.com acdn.adnxs.com	70 KB
33	dotomi.com web.hb.ad.cpe.dotomi.com	28 KB
32	bleepstatic.com www.bleepstatic.com	294 KB
29	sonobi.com apex.go.sonobi.com	17 KB
29	vidible.tv cdn-ssl.vidible.tv	224 KB
25	sharethrough.com btlr.sharethrough.com	3 KB
18	advertising.com 6 redirects adserver-us.adtech.advertising.com	6 KB
17	connatix.com cdn.connatix.com cdns.connatix.com ck.connatix.com core.connatix.com i.connatix.com trk.connatix.com	677 KB
16	pub.network a.pub.network d.pub.network prebid.pub.network c.pub.network	227 KB
14	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	282 KB
12	doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net securepubads.g.doubleclick.net	112 KB
10	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	68 KB
9	districtm.io dmx.districtm.io cdn.districtm.io	732 B
8	3lift.com tlx.3lift.com eb2.3lift.com	2 KB
8	openx.net freestar-d.openx.net eu-u.openx.net	2 KB
8	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	22 KB
6	ampproject.org cdn.ampproject.org	112 KB
6	amazon-adsystem.com c.amazon-adsystem.com	30 KB
6	consensu.org quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org vendorlist.consensu.org api.quantcast.mgr.consensu.org audit.quantcast.mgr.consensu.org	139 KB
5	google.com 2 redirects www.google.com cse.google.com adservice.google.com	2 KB
4	casalemedia.com as-sec.casalemedia.com	4 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com	5 KB
4	gstatic.com fonts.gstatic.com	44 KB
4	googleapis.com fonts.googleapis.com imasdk.googleapis.com	106 KB
3	fastly.net confiant-integrations.global.ssl.fastly.net	76 KB
3	googletagservices.com www.googletagservices.com	69 KB
3	addthis.com s9.addthis.com s7.addthis.com	189 KB
2	reddit.com www.reddit.com	2 KB
2	facebook.com graph.facebook.com	1016 B
2	ad-delivery.net ad-delivery.net	1 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	2mdn.net s0.2mdn.net	10 KB
1	appspot.com ima3vpaid.appspot.com	915 B
1	cdnjquery.com cluster-na.cdnjquery.com	356 B
1	videoplayerhub.com freestar-io.videoplayerhub.com	24 KB
1	addthisedge.com v1.addthisedge.com	855 B
1	moatads.com z.moatads.com	1 KB
1	google.de adservice.google.de	171 B
1	analysis.fi ecdn.analysis.fi	2 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
1	bleepingcomputer.com www.bleepingcomputer.com	15 KB
522	42

	Domain	Requested by
66	ib.adnxs.com	a.pub.network vpaid.springserve.com
33	web.hb.ad.cpe.dotomi.com	a.pub.network vpaid.springserve.com
32	www.bleepstatic.com	www.bleepingcomputer.com cdn.connatix.com www.bleepstatic.com
29	apex.go.sonobi.com	vpaid.springserve.com
29	cdn-ssl.vidible.tv	vpaid.springserve.com
29	vpaid.springserve.com	cdns.connatix.com
29	vid.springserve.com	cdns.connatix.com
28	vid-io.springserve.com	vpaid.springserve.com
28	bc-rtb-dub.springserve.com	vpaid.springserve.com
25	btlr.sharethrough.com	a.pub.network
18	adserver-us.adtech.advertising.com	6 redirects a.pub.network
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net www.bleepingcomputer.com cdn.ampproject.org
9	fastlane.rubiconproject.com	a.pub.network
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.bleepingcomputer.com
7	i.connatix.com	www.bleepingcomputer.com
6	cdn.ampproject.org	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
6	c.pub.network	a.pub.network
6	trk.connatix.com	www.bleepingcomputer.com
6	c.amazon-adsystem.com	a.pub.network c.amazon-adsystem.com
5	dmx.districtm.io	a.pub.network
5	prebid.pub.network	a.pub.network
5	pagead2.googlesyndication.com	www.bleepingcomputer.com pagead2.googlesyndication.com
4	eb2.3lift.com	a.pub.network
4	eu-u.openx.net	a.pub.network
4	acdn.adnxs.com	a.pub.network
4	ads.pubmatic.com	a.pub.network
4	cdn.districtm.io	a.pub.network
4	tlx.3lift.com	a.pub.network
4	freestar-d.openx.net	a.pub.network
4	as-sec.casalemedia.com	a.pub.network
4	hbopenbid.pubmatic.com	a.pub.network
4	sb.scorecardresearch.com	2 redirects www.bleepingcomputer.com
4	fonts.gstatic.com	www.bleepingcomputer.com cdn.connatix.com
3	imasdk.googleapis.com	www.bleepingcomputer.com imasdk.googleapis.com
3	confiant-integrations.global.ssl.fastly.net	a.pub.network confiant-integrations.global.ssl.fastly.net
3	d.pub.network	a.pub.network
3	www.googletagservices.com	pagead2.googlesyndication.com a.pub.network www.bleepingcomputer.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.reddit.com	s9.addthis.com
2	graph.facebook.com	s9.addthis.com
2	ad-delivery.net	freestar-io.videoplayerhub.com
2	s7.addthis.com	s9.addthis.com
2	static.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
2	adservice.google.com	pagead2.googlesyndication.com imasdk.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.bleepingcomputer.com
2	a.pub.network	www.bleepingcomputer.com a.pub.network
2	www.google.com	2 redirects
1	eus.rubiconproject.com	a.pub.network
1	s0.2mdn.net	imasdk.googleapis.com
1	ima3vpaid.appspot.com	vpaid.springserve.com
1	cluster-na.cdnjquery.com	freestar-io.videoplayerhub.com
1	audit.quantcast.mgr.consensu.org	static.quantcast.mgr.consensu.org
1	freestar-io.videoplayerhub.com	a.pub.network
1	v1.addthisedge.com	s9.addthis.com
1	z.moatads.com	s9.addthis.com
1	core.connatix.com	cdns.connatix.com
1	api.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	vendorlist.consensu.org	quantcast.mgr.consensu.org
1	ck.connatix.com	cdns.connatix.com
1	ad.doubleclick.net	www.bleepingcomputer.com
1	quantcast.mgr.consensu.org	www.bleepstatic.com
1	adservice.google.de	pagead2.googlesyndication.com
1	cdns.connatix.com	cdn.connatix.com
1	ecdn.analysis.fi	www.bleepingcomputer.com
1	s9.addthis.com	www.bleepingcomputer.com
1	cse.google.com	www.bleepingcomputer.com
1	www.googletagmanager.com	www.bleepingcomputer.com
1	cdn.connatix.com	www.bleepingcomputer.com
1	fonts.googleapis.com	www.bleepingcomputer.com
1	www.bleepingcomputer.com
522	70

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
deals.bleepingcomputer.com
connatix.com

Subject Issuer	Validity	Valid
bleepingcomputer.com COMODO RSA Domain Validation Secure Server CA	`2018-05-12` - `2020-05-17`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-11` - `2020-10-09`	a year	crt.sh
j3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-02-04` - `2021-01-14`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
*.analysis.fi Sectigo RSA Domain Validation Secure Server CA	`2019-06-13` - `2020-06-12`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2019-05-06` - `2020-06-06`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
vendorlist.consensu.org Amazon	`2019-03-06` - `2020-04-06`	a year	crt.sh
*.connatix.com Amazon	`2019-10-19` - `2020-11-19`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.pub.network Go Daddy Secure Certificate Authority - G2	`2019-02-09` - `2020-05-16`	a year	crt.sh
*.videoplayerhub.com Amazon	`2019-07-18` - `2020-08-18`	a year	crt.sh
*.springserve.com Amazon	`2020-01-21` - `2021-02-21`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-12-18` - `2020-12-18`	a year	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2019-03-26` - `2020-03-26`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.sharethrough.com Amazon	`2019-10-07` - `2020-11-07`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adtech.advertising.com DigiCert SHA2 High Assurance Server CA	`2018-05-22` - `2020-05-26`	2 years	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
ad-delivery.net Amazon	`2019-03-07` - `2020-04-07`	a year	crt.sh
cdn-ycs.vidible.tv DigiCert SHA2 High Assurance Server CA	`2020-01-30` - `2020-07-28`	6 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh
*.assetbucket.net Amazon	`2019-09-11` - `2020-10-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2018-08-17` - `2020-09-02`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.appspot.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh

This page contains 61 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Frame ID: 2DDD4DA0F0B4FEAAFA7CF34E65D21E34
Requests: 208 HTTP requests in this frame

Frame: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Frame ID: 3C5378459BC7A000C634A8C8AEE0C72D
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200203/r20190131/zrt_lookup.html
Frame ID: 019BCB01E99950CA8C08383908CAA798
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1579563225&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1580884971886&bpp=4&bdt=275&fdt=39&idt=39&shv=r20200203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5656398574392&frm=20&pv=2&ga_vid=1151093400.1580884972&ga_sid=1580884972&ga_hid=644923547&ga_fc=0&iag=0&icsg=549758443520&dssz=39&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3831766069245500&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=48
Frame ID: A633A3DC48B129406D8A8B707CEC2A1F
Requests: 1 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v28/cmp-3pc-check.html
Frame ID: 3F0CAB5C7D6BD93BC9C955A09D6767E5
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: DA1CBAE752668DF0AB27024B45D44830
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 667988DF052A6FFC68618E8D15B5E164
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: E1636538104D783AAF1A432A41C472A0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsul45KYp7_1jNbzV5KgY49YDphtYikw0Ro-W78iKt7B337T-KmhZJLa9tHHcrQl5FEFkO3CM0974NC6Nq8zRQMETPmI71rabb5rNBjFSxF9wvyHcGPzpia7T9AmbzAbtK8rRx-xAjM_JVqvCvepBfkNJFJ1Qhrik94xCwDtp9H1moI8Pn6CNetf47t9RBNvpvMtInPtzY9obGetyf7JhDB6c-_r2vhRFdo9RSER-dR_fQ7sie66GBEp85fFHTRQemiKoilMASSsCqQ0eJ6zpdkRgKPbz8drc6gA&sig=Cg0ArKJSzKZl6wKCiCDJEAE&urlfix=1&adurl=
Frame ID: A3AD97AB990C7CC55EEE76DA6566EB92
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js
Frame ID: 348DD7679A41A8729B1F51DBB3ECB5C4
Requests: 14 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 3F058905F160541AE189E12A38372C11
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 6D30C76F50358A1BF3FD2CC21499C078
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 59DD50C36DC3FD48AED143541247974E
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D400x300%257C640x480%26max_ad_duration%3D30000%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1580884975401%26ord%3D1580884975401&type=js
Frame ID: 3042586005580B35EFF5C43A1C7DC490
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.365.1_en.html
Frame ID: E5ADFEC020FBEE754AC510686CF1AC96
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 0F1E6FEA5DD2E3267E97E1FAF4954B25
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 37DE8E631A560E90CED73CFE3B789766
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: E908B2E8C6F99E16C897BD93A38341AD
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: AAE5DEEF965B517870D3035312F675F7
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: BC17F0E2E27617394FD7B0E459AE83B4
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 1E371B872EF2498967B6A6196562612E
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 6653E8D15B1613E6FA3AE871711131BF
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: C3CB6B59B63DC2BB788316E4DFF0ABAD
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: BE9A0E2373E8D8BE2F68D67936D4ADB4
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: BDBD4DC8F8BCBA00A91A6516A7AC583E
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: BCBFCE985B79F182940D434234E30757
Requests: 8 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 68A885E0A4937EA8FF0E4D8DACACCB09
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: DBDD1D078AE4357B2D861C301A83D324
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: C1C4E6915CA94AE6D3BA02A1BD24E1A4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 7269BF3FDECBB389E6D6F1627989CEBB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CDCDDCB9FD3FC5CBF1C468AE3F6BB2C3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: AD52340A565E3A543B349ED0E4A15074
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Frame ID: 48F83D5C35BAD367ECB4106CD992456A
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 36DCA74F571FBFBA873D3327C6541E04
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: BDED5F25A9A4CD04E7BBA1254DD1A051
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Frame ID: D31A969C5C2D8D2E707BF68FE73A39AE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 828D7B6C767610B73AEC5FFC81E9A386
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: C5FB282BBFC0871F9F88BEC3DE5C5834
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Frame ID: 559F25382BC1EA6325C6EB597BD6EEC1
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: AFF2C3C930A71777DCE7E61E1FDCD528
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 48BEA35A3BEF2CF3E570CB34B55C114D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 113E2992E729ADF890FB93C134FD53E5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: AD20EEA73936933736731298F2A48ED0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 53F313EB35C1BBBAE9C1AB92F385CEE2
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 5CB973A7515839D0F8348DB3DF4DA30A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 6AE580F22ADD64DF1574F203296CA4BC
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Frame ID: 374108C5E7BF2E2B7106CEF35229D70B
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: C312842A8AC9BEBCA7847BEA9DA6CFCC
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 2BB55F2C755DFDB4F2D14DA5713E3314
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 3441FFE8ACDCA7B383271DB49F376C85
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 4200A98FC836E78D500F799947EA5A93
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 6C6DCAEC5A556C53EFDF27D636554118
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 9ED69707E7B8036931B65EC8381ACA56
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 1CCD9D7120A1A1EE02D7E0FE3A8B2229
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 726936B5FB5C252F49D2E8E5BF893984
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 1AE5E117FC51581F57AC4B5031351412
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 12FEE10A0636514B599E90EEE624DC38
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: F55605838A4398AD4661E319DC0350BD
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 6792FADC0952DBECA803CAE3257DC525
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 17DAFF58ADB2D9C13A7178DA0710660C
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: DC9C143AB7E315E680A5A72B1AA6EFD2
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

522
Requests

91 %
HTTPS

34 %
IPv6

42
Domains

70
Subdomains

62
IPs

7
Countries

5692 kB
Transfer

19453 kB
Size

14
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/BleepingComputer

Search URL Search Domain Scan URL

URL: https://twitter.com/BleepinComputer

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BleepingComputer

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/
Title: Deals

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/elearning?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: eLearning

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/certifications?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: IT Certification Courses

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/gear-gadgets?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: Gear + Gadgets

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/collections/tag-cyber-security?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: Security

Search URL Search Domain Scan URL

URL: https://twitter.com/malwrhunterteam/status/1215194313380061184
Title: discovered by MalwareHunterTeam

Search URL Search Domain Scan URL

URL: https://connatix.com/
Title: .st0{fill:#FFFFFF;}.st1{fill:#0099FF;}

Search URL Search Domain Scan URL

URL: https://twitter.com/LawrenceAbrams

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 302
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request Chain 83

https://sb.scorecardresearch.com/p?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1580884972455&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1580884972456&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&c8=&c9=&cs_ucfr=0 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1580884972455&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1580884972456&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&c8=&c9=&cs_ucfr=0&cs_ak_ss=1

Request Chain 88

https://sb.scorecardresearch.com/p?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1580884972455&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=40&ns_st_cl=30000&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=40&ns_st_dpt=40&ns_st_ipt=40&ns_st_et=40&ns_st_det=40&ns_st_upc=40&ns_st_dupc=40&ns_st_iupc=40&ns_st_upa=40&ns_st_dupa=40&ns_st_iupa=40&ns_st_lpc=40&ns_st_dlpc=40&ns_st_lpa=40&ns_st_dlpa=40&ns_st_pa=40&ns_ts=1580884972496&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&c8=&c9=&cs_ucfr=0 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1580884972455&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=40&ns_st_cl=30000&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=40&ns_st_dpt=40&ns_st_ipt=40&ns_st_et=40&ns_st_det=40&ns_st_upc=40&ns_st_dupc=40&ns_st_iupc=40&ns_st_upa=40&ns_st_dupa=40&ns_st_iupa=40&ns_st_lpc=40&ns_st_dlpc=40&ns_st_lpa=40&ns_st_dlpa=40&ns_st_pa=40&ns_ts=1580884972496&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&c8=&c9=&cs_ucfr=0&cs_ak_ss=1

Request Chain 120

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1406f559bf510977;misc=1580884972565; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580884972;v=2;cmd=bid;cors=yes;alias=1406f559bf510977;misc=1580884972565

Request Chain 123

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=143d7ff262f2a42d;misc=1580884972566; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=143d7ff262f2a42d;misc=1580884972566

Request Chain 126

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1466c91242e9c984;misc=1580884972566; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=1466c91242e9c984;misc=1580884972566

Request Chain 182

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=199341c66e283b31;misc=1580884974387; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1Abcd369a4-47e2-11ea-95bc-12a8bb4804a8;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=199341c66e283b31;misc=1580884974387

Request Chain 183

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=200e4dca88ade802;misc=1580884974387; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1Abcd4049a-47e2-11ea-b193-12794b40da64;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=200e4dca88ade802;misc=1580884974387

Request Chain 184

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=201a88fe6f09e818;misc=1580884974387; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1Abcd3f34c-47e2-11ea-b983-12794b40da64;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=201a88fe6f09e818;misc=1580884974387

Request Chain 203

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

522 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/ 67 KB
15 KB 633ms
580ms Document
text/html 104.20.59.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.59.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9d0fe4ffa3fac96558d954d11392e71ff8b87bf9f31343762340cba3f1daf0a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.bleepingcomputer.com
:scheme: https
:path: /news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Wed, 05 Feb 2020 06:42:51 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d13dda3b222b9da1b1c0ee6cd11e983a51580884971; expires=Fri, 06-Mar-20 06:42:51 GMT; path=/; domain=.bleepingcomputer.com; HttpOnly; SameSite=Lax; Secure session_id=d6155ca050fa26ac090755b916440815; path=/; domain=.bleepingcomputer.com; httponly;Secure lav=7592; expires=Fri, 06-Mar-2020 06:42:51 GMT; Max-Age=2592000; path=/;Secure
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
last-modified: Mon, 20 Jan 2020 23:33:45 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5602e81d0a9af40f-LHR
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 14 KB
905 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6265788182730e69c40e24d29a7ef28046a82c2f25620bae0999ba621effad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 05 Feb 2020 06:42:51 GMT
server: ESF
access-control-allow-origin: *
date: Wed, 05 Feb 2020 06:42:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Wed, 05 Feb 2020 06:42:51 GMT

GET
H2 200 bootstrap.css
www.bleepstatic.com/css/redesign/ 111 KB
17 KB 112ms
29ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/bootstrap.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 5280
cf-polished: origSize=137522
status: 200
cf-bgj: minify
last-modified: Fri, 23 Sep 2016 14:33:06 GMT
server: cloudflare
etag: W/"2184297232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 5602e8212dd4ce8f-LHR
expires: Sat, 23 Mar 2019 05:29:58 GMT

GET
H2 200 main.css
www.bleepstatic.com/css/redesign/ 51 KB
9 KB 131ms
49ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 697279
cf-polished: origSize=60842
status: 200
cf-bgj: minify
last-modified: Thu, 16 Aug 2018 15:28:40 GMT
server: cloudflare
etag: W/"4249134023"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 5602e8212dd5ce8f-LHR
expires: Tue, 12 Nov 2019 07:00:33 GMT

GET
H2 200 home.css
www.bleepstatic.com/css/redesign/ 12 KB
3 KB 131ms
48ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/home.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 5001
cf-polished: origSize=14998
status: 200
cf-bgj: minify
last-modified: Sat, 24 Mar 2018 16:18:00 GMT
server: cloudflare
etag: W/"2402535603"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 5602e8212dd8ce8f-LHR
expires: Thu, 28 Mar 2019 00:17:49 GMT

GET
H2 200 news.css
www.bleepstatic.com/css/redesign/ 27 KB
5 KB 157ms
74ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/news.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d44b93a0af159f0d547d7ec89e9227a5667ce1171bc630e6fbf79dae0e596e2d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 4038
cf-polished: origSize=32905
status: 200
cf-bgj: minify
last-modified: Tue, 26 Nov 2019 02:56:16 GMT
server: cloudflare
etag: W/"400467278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 5602e8212dd9ce8f-LHR
expires: Tue, 31 Dec 2019 03:31:34 GMT

GET
H2 200 jquery-1.11.1.min.js Show response
www.bleepstatic.com/js/redesign/ 94 KB
32 KB 139ms
56ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/jquery-1.11.1.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Apr 2015 12:36:44 GMT
server: cloudflare
age: 5518
etag: W/"3647451394"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=3024000
cf-ray: 5602e8212ddace8f-LHR
access-control-allow-origin: *
expires: Tue, 07 Jan 2020 05:59:39 GMT

GET
H2 200 news.js Show response
www.bleepstatic.com/js/redesign/ 183 B
533 B 111ms
28ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/news.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 4038
cf-polished: origSize=247
status: 200
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 15:41:46 GMT
server: cloudflare
etag: W/"4218930423"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 5602e8212ddbce8f-LHR
expires: Thu, 19 Dec 2019 04:54:08 GMT

GET
H2 200 connatix.renderer.infeed.min.js Show response
cdn.connatix.com/min/ 957 B
1 KB 158ms
38ms Script
application/javascript 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: b9a2c1df7348967f289fb304b6412bd540129c551d87490c79a80ddfc0908c28

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-cache: HIT
content-type: application/javascript
status: 200
x-referer-host: bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-cache-hits: 0
accept-ranges: bytes
x-timer: S1580884972.750970,VS0,VE0
content-length: 957
retry-after: 0
x-served-by: cache-fra19154-FRA

GET
H2 200 qc-consent.js Show response
www.bleepstatic.com/js/qc-consent/ 3 KB
1 KB 29ms
28ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 5258
cf-polished: origSize=3848
status: 200
cf-bgj: minify
last-modified: Thu, 07 Feb 2019 13:49:44 GMT
server: cloudflare
etag: W/"3981350888"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 5602e821bedace8f-LHR
expires: Thu, 07 Nov 2019 07:15:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-91740-1

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43d59de3302abf78124803aded3755d4e518f0f6edf47c5a0f08aa31ab727751

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=300; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28466
x-xss-protection: 0
last-modified: Wed, 05 Feb 2020 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Feb 2020 06:42:51 GMT

GET
H2 200 logo.png
www.bleepstatic.com/images/site/ 1 KB
1 KB 26ms
25ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/logo.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
cf-cache-status: HIT
age: 38268
cf-polished: origFmt=png, origSize=1882
status: 200
content-disposition: inline; filename="logo.webp"
cf-bgj: imgq:85
content-length: 1152
last-modified: Sat, 04 Mar 2017 04:12:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5602e821bedbce8f-LHR
expires: Thu, 05 Mar 2020 20:05:03 GMT

GET
H2

200

brand Show response
cse.google.com/coop/cse/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

3 KB
2 KB

18ms
6ms

Script
text/javascript

2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

pfe /

Resource Hash

4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: pfe
age: 1271
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1181
x-xss-protection: 0
expires: Wed, 05 Feb 2020 06:51:40 GMT

Redirect headers

date: Wed, 05 Feb 2020 06:42:51 GMT
x-content-type-options: nosniff
server: sffe
location: https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 266
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 105 KB
37 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2056d8cde546a77c2732250c33a7b6b9f5ee6060055ac9c1396681e6caabd5c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37746
x-xss-protection: 0
server: cafe
etag: 11791201559092296792
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Feb 2020 06:42:51 GMT

GET
H2 200 twitter.png
www.bleepstatic.com/images/site/login/ 282 B
540 B 27ms
26ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login/twitter.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
cf-cache-status: HIT
age: 37042
cf-polished: origFmt=png, origSize=475
status: 200
content-disposition: inline; filename="twitter.webp"
cf-bgj: imgq:85
content-length: 282
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5602e821bedcce8f-LHR
expires: Thu, 05 Mar 2020 20:25:29 GMT

GET
H2 200 bootstrap.js Show response
www.bleepstatic.com/js/redesign/ 44 KB
10 KB 31ms
30ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bootstrap.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 5280
cf-polished: origSize=65813
status: 200
cf-bgj: minify
last-modified: Thu, 23 Apr 2015 12:36:43 GMT
server: cloudflare
etag: W/"3930092018"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 5602e821beddce8f-LHR
expires: Tue, 26 Mar 2019 04:15:43 GMT

GET
H2 200 blazy.min.js Show response
www.bleepstatic.com/js/blazy/ 5 KB
2 KB 46ms
46ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Aug 2018 21:06:19 GMT
server: cloudflare
age: 5072
etag: W/"753357888"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=3024000
cf-ray: 5602e8215e29ce8f-LHR
access-control-allow-origin: *
expires: Wed, 01 Jan 2020 06:03:54 GMT

GET
H2 200 bleep.js Show response
www.bleepstatic.com/js/redesign/ 3 KB
767 B 26ms
25ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bleep.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 192634
cf-polished: origSize=3600
status: 200
cf-bgj: minify
last-modified: Mon, 01 Oct 2018 12:47:57 GMT
server: cloudflare
etag: W/"2696894447"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 5602e821bedece8f-LHR
expires: Mon, 09 Mar 2020 01:12:16 GMT

GET
H2 200 jquery.fancybox.js Show response
www.bleepstatic.com/js/redesign/fancybox/ 31 KB
9 KB 29ms
28ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 697257
cf-polished: origSize=48706
status: 200
cf-bgj: minify
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
server: cloudflare
etag: W/"327140449"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 5602e821bee0ce8f-LHR
expires: Tue, 03 Mar 2020 05:01:54 GMT

GET
H2 200 fixto.min.js Show response
www.bleepstatic.com/js/fixto/ 8 KB
3 KB 27ms
26ms Script
text/javascript 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 13 Jun 2015 21:34:42 GMT
server: cloudflare
age: 3463
etag: W/"1740214911"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=3024000
cf-ray: 5602e821bed9ce8f-LHR
access-control-allow-origin: *
expires: Thu, 19 Dec 2019 04:53:37 GMT

GET
H2 200 addthis_widget.js Show response
s9.addthis.com/js/300/ 349 KB
113 KB 376ms
206ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s9.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 20:57:37 GMT
server: nginx/1.15.8
etag: "5e2765c1-57446"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Wed, 05 Feb 2020 06:42:52 GMT
x-host: s9.addthis.com
content-length: 114924

GET
H2 200 pubfig.min.js Show response
a.pub.network/bleepingcomputer-com/ 441 KB
117 KB 446ms
414ms Script
application/javascript 2606:4700:20::681a:8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e862f9054c5c3227ef21f89903cabef9ab111a1bc9ad139211865097eaaeea3b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
status: 200
x-guploader-uploadid: AEnB2UqnFzBwZ_Wb_XvprM78Oem5qrndVS469tm-67FXbJqtb9j95KJQe8oeJAGm_XCaUpoIk2aun03r-qTa97gbSF2KMb965Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Fri, 31 Jan 2020 22:29:53 GMT
server: cloudflare
etag: W/"9f999092d4aff69ca36da0f609e11c21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=C8tM6Q==, md5=n5mQktSv9pyjbaD2CeEcIQ==
content-type: application/javascript
x-goog-generation: 1580509793522946
cache-control: public, max-age=1800
x-goog-stored-content-length: 451579
cf-ray: 5602e821dc21dfa5-FRA
expires: Wed, 05 Feb 2020 06:43:52 GMT

GET
H/1.1 200
OK fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 93ms
24ms Script
application/javascript 212.71.236.117
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.71.236.117 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-212-71-236-117.london.nodebalancer.linode.com
Software: nginx/1.12.2 /
Resource Hash: affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 06:46:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jul 2015 00:00:00 GMT
Server: nginx/1.12.2
ETag: "55a5a280-560"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: close
Content-Length: 1376
Expires: Wed, 05 Feb 2020 07:46:45 GMT

GET
H2 200 login_bg.png
www.bleepstatic.com/images/site/ 126 B
346 B 26ms
25ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login_bg.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
cf-cache-status: HIT
age: 38268
cf-polished: origFmt=png, origSize=187
status: 200
content-disposition: inline; filename="login_bg.webp"
cf-bgj: imgq:85
content-length: 126
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5602e821bee5ce8f-LHR
expires: Thu, 05 Mar 2020 20:05:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin: https://www.bleepingcomputer.com

Response headers

date: Sat, 01 Feb 2020 11:35:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 328039
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Sun, 31 Jan 2021 11:35:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin: https://www.bleepingcomputer.com

Response headers

date: Fri, 31 Jan 2020 00:50:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 453152
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:50:19 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 nav_bg.png
www.bleepstatic.com/images/site/ 72 B
233 B 28ms
27ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/nav_bg.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
cf-cache-status: HIT
age: 36472
cf-polished: origFmt=png, origSize=83
status: 200
content-disposition: inline; filename="nav_bg.webp"
cf-bgj: imgq:85
content-length: 72
last-modified: Sat, 04 Mar 2017 07:57:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5602e821cef8ce8f-LHR
expires: Thu, 05 Mar 2020 20:34:59 GMT

GET
H2 200 20x20-printer.png
www.bleepstatic.com/images/site/ 422 B
612 B 26ms
25ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by: Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
cf-cache-status: HIT
age: 37352
cf-polished: origFmt=png, origSize=824
status: 200
content-disposition: inline; filename="20x20-printer.webp"
cf-bgj: imgq:85
content-length: 422
last-modified: Sat, 03 Oct 2015 03:18:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5602e821df1fce8f-LHR
expires: Thu, 05 Mar 2020 20:20:19 GMT

GET
H2 200 calendar.png
www.bleepstatic.com/images/site/ 86 B
249 B 27ms
26ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/calendar.png
Requested by: Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
cf-cache-status: HIT
age: 38179
cf-polished: origFmt=png, origSize=129
status: 200
content-disposition: inline; filename="calendar.webp"
cf-bgj: imgq:85
content-length: 86
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5602e821df21ce8f-LHR
expires: Thu, 05 Mar 2020 20:06:32 GMT

GET
H2 200 clock.png
www.bleepstatic.com/images/site/ 252 B
510 B 27ms
26ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/clock.png
Requested by: Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
cf-cache-status: HIT
age: 35958
cf-polished: origFmt=png, origSize=1316
status: 200
content-disposition: inline; filename="clock.webp"
cf-bgj: imgq:85
content-length: 252
last-modified: Fri, 29 May 2015 07:08:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5602e821df22ce8f-LHR
expires: Thu, 05 Mar 2020 20:43:33 GMT

GET
H2 200 comment-light.png
www.bleepstatic.com/images/site/ 96 B
410 B 25ms
24ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/comment-light.png
Requested by: Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
cf-cache-status: HIT
age: 37438
cf-polished: origFmt=png, origSize=1034
status: 200
content-disposition: inline; filename="comment-light.webp"
cf-bgj: imgq:85
content-length: 96
last-modified: Fri, 29 May 2015 07:08:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5602e821df23ce8f-LHR
expires: Thu, 05 Mar 2020 20:18:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 04 Feb 2020 02:00:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 103318
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Wed, 03 Feb 2021 02:00:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 04 Feb 2020 03:48:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 96876
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Wed, 03 Feb 2021 03:48:15 GMT

GET
H2 200 connatix.renderer.infeed.min_dc.js Show response
cdns.connatix.com/p/1883/min/ Frame 3C53 722 KB
189 KB 121ms
39ms Script
application/x-javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Requested by: Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 38420ff3f9d6bf40fd3d76517029f57f39b302ded73975aad330eb0f93054b99

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: gzip
age: 60730
x-cache: HIT, HIT
status: 200
content-length: 192764
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-dca17751-DCA, cache-hhn4044-HHN
last-modified: Tue, 04 Feb 2020 13:39:43 GMT
x-timer: S1580884972.907593,VS0,VE0
etag: "8cf4198b77bdc27047f6f4973a7688ee"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 2, 5519

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 559
date: Wed, 05 Feb 2020 06:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Wed, 05 Feb 2020 08:33:32 GMT

GET
H2 200 32x32-printer.png
www.bleepstatic.com/images/site/ 256 B
531 B 25ms
24ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
cf-cache-status: HIT
age: 39418
cf-polished: origFmt=png, origSize=618
status: 200
content-disposition: inline; filename="32x32-printer.webp"
cf-bgj: imgq:85
content-length: 256
last-modified: Fri, 02 Oct 2015 21:57:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5602e821ff4bce8f-LHR
expires: Thu, 05 Mar 2020 19:45:53 GMT

GET
H2 200 21beb902b545b086a90ec39f1df36b94.jpg
www.bleepstatic.com/author/photos/ 7 KB
8 KB 26ms
26ms Image
image/jpeg 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/author/photos/21beb902b545b086a90ec39f1df36b94.jpg
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19e1dbba639ba68ceb71cdada9621e11d0aec6edba410971f1937d6cc4935b32

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
cf-cache-status: HIT
age: 580
cf-polished: origSize=7617, status=webp_bigger
status: 200
cf-bgj: imgq:85
content-length: 7581
last-modified: Mon, 26 Oct 2015 17:15:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5602e821ff4dce8f-LHR
expires: Sun, 17 Mar 2019 04:29:34 GMT

GET
H2 200 h4-bg.png
www.bleepstatic.com/images/site/ 38 B
199 B 27ms
27ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/h4-bg.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
cf-cache-status: HIT
age: 36627
cf-polished: origFmt=png, origSize=72
status: 200
content-disposition: inline; filename="h4-bg.webp"
cf-bgj: imgq:85
content-length: 38
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5602e821ff4ece8f-LHR
expires: Thu, 05 Mar 2020 20:32:24 GMT

GET
H2 200 news_email_icon.png
www.bleepstatic.com/images/site/ 126 B
401 B 26ms
26ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/news_email_icon.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a

Request headers

Referer: https://www.bleepstatic.com/css/redesign/home.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
cf-cache-status: HIT
age: 35096
cf-polished: origFmt=png, origSize=1105
status: 200
content-disposition: inline; filename="news_email_icon.webp"
cf-bgj: imgq:85
content-length: 126
last-modified: Fri, 29 May 2015 07:10:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5602e821ff50ce8f-LHR
expires: Thu, 05 Mar 2020 20:57:55 GMT

GET
H2 200 news_footer_icon.png
www.bleepstatic.com/images/site/ 110 B
300 B 26ms
26ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/news_footer_icon.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
cf-cache-status: HIT
age: 37717
cf-polished: origFmt=png, origSize=186
status: 200
content-disposition: inline; filename="news_footer_icon.webp"
cf-bgj: imgq:85
content-length: 110
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5602e821ff52ce8f-LHR
expires: Thu, 05 Mar 2020 20:14:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bleepingcomputer.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200203/r20190131/ 221 KB
83 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afb8f57edd730b241af9943ecf84adfe91f814bdb8178aa5b09bbe59e15b48ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84400
x-xss-protection: 0
server: cafe
etag: 6994215799169530888
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Feb 2020 06:42:51 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200203/r20190131/ Frame 019B 0
0 11ms
10ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200203/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 03 Feb 2020 15:08:04 GMT
expires: Mon, 17 Feb 2020 15:08:04 GMT
content-type: text/html; charset=UTF-8
etag: 6310935918814213997
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4495
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 142487
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/ 222 KB
60 KB 23ms
11ms Script
text/javascript 2600:9000:2057:a600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/cmp.js
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:a600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ef52af34aeee37e2e6433fdec511d86fe9f9ab816d0c6fc3b2fc5e419c438c2

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 20:13:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-meta-qc-ineu: True
x-amz-cf-id: HYPJioKC8UqsQq4GJfpfHDqvtshOHGtWxOOsKmp9VEs7etfpNFeAsA==
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)

GET
H2 200 ransomware-header.jpg
www.bleepstatic.com/content/hl-images/2018/07/10/ 85 KB
85 KB 33ms
33ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2018/07/10/ransomware-header.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c55037d6a8b947691864242b7d468b1d39a2754999fec91cc4044d42ece8df6f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
cf-cache-status: HIT
age: 4332
cf-polished: qual=85, origFmt=jpeg, origSize=149605
status: 200
content-disposition: inline; filename="ransomware-header.webp"
cf-bgj: imgq:85
content-length: 87030
last-modified: Tue, 10 Jul 2018 19:14:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5602e822681dce8f-LHR
expires: Fri, 27 Dec 2019 06:03:55 GMT

GET
H2 200 292x176_Department_of_Defense_DOD_(3).jpg
www.bleepstatic.com/content/hl-images/2020/02/03/thumb/ 10 KB
11 KB 28ms
28ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2020/02/03/thumb/292x176_Department_of_Defense_DOD_(3).jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0f777612ea7b46c165a34c5ebed45f8e8f9f326a11504212936d80d8f4ca931

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
cf-cache-status: HIT
age: 35645
cf-polished: qual=85, origFmt=jpeg, origSize=11373
status: 200
content-disposition: inline; filename="292x176_Department_of_Defense_DOD_(3).webp"
cf-bgj: imgq:85
content-length: 10664
last-modified: Mon, 03 Feb 2020 15:39:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5602e822681ece8f-LHR
expires: Thu, 05 Mar 2020 20:48:46 GMT

GET
H2 200 292x176_Emotet.jpg
www.bleepstatic.com/content/hl-images/2020/01/29/thumb/ 14 KB
14 KB 25ms
24ms Image
image/jpeg 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2020/01/29/thumb/292x176_Emotet.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0f1bc34ba84c73f764d8f30a2c1264ed9a09f4c9634104121adc4fd8b028155

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
cf-cache-status: HIT
age: 438149
cf-polished: origSize=15556, status=webp_bigger
status: 200
cf-bgj: imgq:85
content-length: 14584
last-modified: Wed, 29 Jan 2020 19:03:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5602e822681fce8f-LHR
expires: Sun, 01 Mar 2020 05:00:22 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
103 B 13ms
13ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=644923547&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&ul=en-us&de=UTF-8&dt=BitPyLock%20Ransomware%20Now%20Threatens%20to%20Publish%20Stolen%20Data&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1415471022&gjid=112194793&cid=1151093400.1580884972&tid=UA-91740-1&_gid=798169248.1580884972&_r=1&gtm=2ou1m0&z=1176148037

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 4 KB
1 KB 32ms
31ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 697256
cf-polished: origSize=4895
status: 200
cf-bgj: minify
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
server: cloudflare
etag: W/"9108074"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 5602e822883dce8f-LHR
expires: Tue, 03 Mar 2020 05:01:55 GMT

GET
H2 200 font-awesome.css
www.bleepstatic.com/css/redesign/ 22 KB
5 KB 32ms
32ms Stylesheet
text/css 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/font-awesome.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 5278
cf-polished: origSize=26776
status: 200
cf-bgj: minify
last-modified: Tue, 03 May 2016 04:39:29 GMT
server: cloudflare
etag: W/"1700274315"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 5602e822883ece8f-LHR
expires: Thu, 07 Nov 2019 07:15:15 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
456 B 101ms
33ms Image
image/x-icon 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 21:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33642
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 05 Feb 2020 21:22:10 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame A633 0
0 65ms
65ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1579563225&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1580884971886&bpp=4&bdt=275&fdt=39&idt=39&shv=r20200203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5656398574392&frm=20&pv=2&ga_vid=1151093400.1580884972&ga_sid=1580884972&ga_hid=644923547&ga_fc=0&iag=0&icsg=549758443520&dssz=39&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3831766069245500&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=48

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1579563225&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1580884971886&bpp=4&bdt=275&fdt=39&idt=39&shv=r20200203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5656398574392&frm=20&pv=2&ga_vid=1151093400.1580884972&ga_sid=1580884972&ga_hid=644923547&ga_fc=0&iag=0&icsg=549758443520&dssz=39&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3831766069245500&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=48
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 05 Feb 2020 06:42:51 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 05-Feb-2020 06:57:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Wed, 05 Feb 2020 06:42:51 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3a6506e100053cd9f6fc054c722ce7dfbab8c7048771d2c40b1bcf96f359462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580744964772619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27910
x-xss-protection: 0
expires: Wed, 05 Feb 2020 06:42:51 GMT

GET
H2 200 cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v28/ Frame 3F0C 0
0 19ms
6ms Document
text/html 2600:9000:214f:b600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v28/cmp-3pc-check.html
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:b600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: static.quantcast.mgr.consensu.org
:scheme: https
:path: /v28/cmp-3pc-check.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
content-type: text/html
content-length: 583
last-modified: Mon, 06 Jan 2020 20:13:38 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Feb 2020 06:28:23 GMT
etag: "2382c3f01978a379e8fa8bc1a3bec605"
x-cache: Hit from cloudfront
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: xjNmHwuyADwkHvMSu8fTi443QYEYzldrG8UW_cmwOGJKIfhuj-ZSwQ==
age: 1532

GET
H2 200 fontawesome-webfont.woff
www.bleepstatic.com/fonts/ 64 KB
64 KB 85ms
35ms Font
application/octet-stream 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepstatic.com/css/redesign/font-awesome.css
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Apr 2015 09:36:00 GMT
server: cloudflare
age: 4711
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
status: 200
accept-ranges: bytes
cf-ray: 5602e8232c9b353a-LHR
access-control-allow-origin: *
content-length: 65452

GET
H2 200 cmpui-popup.js Show response
static.quantcast.mgr.consensu.org/v28/ 229 KB
61 KB 7ms
7ms Script
text/javascript 2600:9000:214f:b600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v28/cmpui-popup.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:b600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01c00d59c63921b2fe1e39ba741be020fd873448b7cd65507dd4caa7a557dfa9

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:39:50 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 20:13:37 GMT
server: AmazonS3
age: 759
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 2s5O0syM51rsDE3_XIPhIUms5a8ytWpYUpebOBn5ufn2-Om86MFanA==
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)

GET
H2 200 g Show response
ck.connatix.com/ 46 B
193 B 39ms
38ms Script
text/plain 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ck.connatix.com/g?callback=cnxJSONP_64b3ccfa8a74df0bf84c1580884972016
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 604db8e904c21bbccea19d186d73e79d1b9466985f9a763af633ca55da348a56

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-cache: HIT
status: 200
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-cache-hits: 0
accept-ranges: bytes
x-timer: S1580884972.038212,VS0,VE0
content-length: 46
retry-after: 0
x-served-by: cache-hhn4044-HHN

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 93 KB
17 KB 6ms
6ms XHR
application/json 2600:9000:214f:3a00:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:3a00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65e6427f490a96c4a8b363d5f70ce70cc29164e2753d3843d38be63ac5235c0a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

date: Thu, 30 Jan 2020 16:11:09 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 484304
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 30 Jan 2020 16:00:30 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: _S6gJy.jMlUF8_y25uPP970yGsIjDDI2
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA53-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: duatriP8PV7Gc1-UHG8ZOQb12tCIGBtPwgA06SQf1KCG9X0dj6ZLvg==

GET
H2 404 CookieAccess Show response
api.quantcast.mgr.consensu.org/ 30 B
597 B 222ms
141ms XHR
application/json 13.35.253.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.quantcast.mgr.consensu.org/CookieAccess
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-19.fra6.r.cloudfront.net
Software: /
Resource Hash: 5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: a7bc53ed-d3c8-48ef-af89-03c9c00d26aa
x-cache: Error from cloudfront
status: 404
x-amz-apigw-id: HaSM7HGoIAMFkPw=
content-length: 50
access-control-allow-origin: https://www.bleepingcomputer.com
x-amzn-trace-id: Root=1-5e3a63ec-8368d4781999d3e65387b2bc;Sampled=0
vary: Origin
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
x-amz-cf-id: 2xgYy17Q0tlI_cX9LROj-_lxLVSDtMUY8N4qrknQhOlYXta_cw6xHA==

GET
H2 200 pls Show response
core.connatix.com/ Frame 3C53 6 KB
3 KB 329ms
109ms Script
text/plain 54.88.18.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://core.connatix.com/pls?callback=jQuery321016719171813823053_1580884972014&token=83c6e833-8c07-474c-b10f-079d46320a80&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&c_v=1883_1_0_0_0&page_guid=0edcbafca2fbd5a76e571580884972058&spp=1&_=1580884972015
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.18.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-18-195.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: 7ea360388f3f24329f6486f1edf1ea014d3ee57f160d5cfec848c59199cc34e1

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Wed, 05 Feb 2020 06:42:52 GMT
content-encoding: gzip
server: nginx/1.15.9 (Ubuntu)
access-control-allow-origin: *

GET
H/1.1 200
OK moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 120ms
40ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 06:42:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Nov 2019 20:13:52 GMT
Server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
ETag: "f14b4e1f799b14f798a195f43cf58376"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=23395
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/ 2 KB
855 B 133ms
131ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/_ate.track.config_resp
Requested by: Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
content-encoding: gzip
etag: -1659864586--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=32, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 678

GET
H/1.1 200
OK cookie Show response
d.pub.network/ 36 B
472 B 471ms
116ms XHR
text/plain 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/cookie
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: d824e8f685670e2707dda500e8e7ac2c38623ea777ec7ae9efd3d9170ad7e7fd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:52 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 48 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

236c1a24ff74b94646b557758f82ce4c270f9c32403743b59c709d94621a947a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "419 / 904 of 1000 / last-modified: 1580868138"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15171
x-xss-protection: 0
expires: Wed, 05 Feb 2020 06:42:52 GMT

GET
H/1.1 200
OK gallery.js Show response
freestar-io.videoplayerhub.com/ 92 KB
24 KB 184ms
40ms Script
application/javascript 143.204.214.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-io.videoplayerhub.com/gallery.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.78 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-78.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b2a0f1f28e439d402ee9cfc13203db8667a0c5dcfe53176268c0962f9ad82fe

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id: 0hP8SMpyd5MlS6JgumuG_5Tka5wTbKi1
Content-Encoding: gzip
Last-Modified: Mon, 03 Feb 2020 17:45:06 GMT
Server: AmazonS3
Age: 41
Date: Wed, 05 Feb 2020 06:42:47 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
X-Amz-Cf-Id: lS3DakSyyZoQVFQDaG468NE8bJk1Ib2DNKSf0cCAOwD2FpwiIKKHIg==

GET
H2 200 prebid-analytics-3.4.0.js Show response
a.pub.network/core/ 337 KB
103 KB 143ms
143ms Script
text/html 2606:4700:20::681a:8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d9f4ce8e7af5088fb1f0c20f81143ec037d471f018cb3560548ba643aa85499

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
content-encoding: br
cf-cache-status: BYPASS
status: 200
x-guploader-uploadid: AEnB2UqvkAtig5rFwbNQDWf4m0PzvXZYyn561I0m-bduqvCEMG_wqD-f2uOxtJtLL4n7BDeLwZQTtp6bQLTzD-jsitP-05Y1gg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Tue, 28 Jan 2020 16:40:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=HV5fWw==, md5=shrW9zmrRoSRzYuht8+68w==
content-type: text/html
x-goog-generation: 1580229624254087
cache-control: private
x-goog-stored-content-length: 345065
cf-ray: 5602e8253c78dfa5-FRA
expires: Thu, 04 Feb 2021 06:42:52 GMT

GET
H/1.1 200
OK location Show response
d.pub.network/ 49 B
496 B 863ms
115ms XHR
application/json 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/location
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: 50bd812525c0b8bd3d27581e8a46a0f1d0281bcdfdaae770eb8e3e3677e7e5cd

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:53 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding: chunked
Content-Type: application/json

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pubads_impl_2020020308.js Show response
securepubads.g.doubleclick.net/gpt/ 167 KB
61 KB 44ms
44ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020308.js?21065506

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

07a731ea7c6183470636c257c22fe9f7a2dc52c1d73edd7e102bf480a2ca2ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Feb 2020 16:58:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62085
x-xss-protection: 0
expires: Wed, 05 Feb 2020 06:42:52 GMT

GET
H2 200 layers.ab5cd98fe1b9a38a4a9f.js Show response
s7.addthis.com/static/ 263 KB
76 KB 44ms
43ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Wed, 05 Feb 2020 06:42:52 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77528

GET
DATA 200
OK truncated
/ 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 383.jpg
i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/ 46 KB
46 KB 55ms
48ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/383.jpg?mode=stretch&connatiximg=true&scale=both&height=469&width=834
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ba90ceff83b908709eba06f36daddceac517cfcd2c7122286f384807332f8eef

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 18572
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 4
accept-ranges: bytes
x-timer: S1580884972.467062,VS0,VE0
access-control-allow-origin: *
content-length: 46698
x-served-by: cache-sjc10022-SJC, cache-hhn4044-HHN

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/1968846f-037e-497f-a3e1-e9d52464e11b/ 59 KB
59 KB 45ms
38ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/1968846f-037e-497f-a3e1-e9d52464e11b/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cbe5469bee1bce08635072a4f30fa70181ab66daaee4b0beba1ff724a828a2a0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 18572
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 4
accept-ranges: bytes
x-timer: S1580884972.466903,VS0,VE0
access-control-allow-origin: *
content-length: 60189
x-served-by: cache-sjc10049-SJC, cache-hhn4044-HHN

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/d875e2e0-f424-4b2d-9634-0dc7d3236615/ 17 KB
17 KB 55ms
49ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/d875e2e0-f424-4b2d-9634-0dc7d3236615/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8258ab6dca6e481db10703021930ca8b0e484c50213ea4c42f8f01fd64e3e57d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 18572
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 4
accept-ranges: bytes
x-timer: S1580884972.467265,VS0,VE0
access-control-allow-origin: *
content-length: 17157
x-served-by: cache-sjc10021-SJC, cache-hhn4044-HHN

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/7ae339c6-a11d-4420-b54b-b00851b0ad4f/ 77 KB
78 KB 55ms
48ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/7ae339c6-a11d-4420-b54b-b00851b0ad4f/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 32dc38472daec201b35d1ae304890299b0b58b4d95dacb7f0c0793505ab54a0d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 18572
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 8, 7
accept-ranges: bytes
x-timer: S1580884972.467057,VS0,VE0
access-control-allow-origin: *
content-length: 79231
x-served-by: cache-sjc10045-SJC, cache-hhn4044-HHN

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/4ac34f58-e83e-4dfd-b9bb-74c113df8269/ 96 KB
96 KB 49ms
43ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/4ac34f58-e83e-4dfd-b9bb-74c113df8269/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 823324e06944cd63de73c45e264316e0cdbd4893e6b284ff8fa16756487bb9a8

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 18572
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 4
accept-ranges: bytes
x-timer: S1580884972.467018,VS0,VE0
access-control-allow-origin: *
content-length: 98269
x-served-by: cache-sjc10036-SJC, cache-hhn4044-HHN

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/c3232b48-4149-4474-a0ac-2e7b798c1530/ 164 KB
165 KB 55ms
49ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/c3232b48-4149-4474-a0ac-2e7b798c1530/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3b2f801040c3141d02a6844574cdf954b8a52932f18d718b3ec1a318654f52ec

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 11182
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 1
accept-ranges: bytes
x-timer: S1580884972.467032,VS0,VE1
access-control-allow-origin: *
content-length: 168309
x-served-by: cache-sjc10040-SJC, cache-hhn4044-HHN

GET
H2 200 bleeping-computerlogo-lg.png
www.bleepstatic.com/logos/ 7 KB
7 KB 24ms
24ms Image
image/webp 104.26.13.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/logos/bleeping-computerlogo-lg.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a56e644a617b2d1e4e7d808dfc334a7ea8622979f22999dc9eccd21c61958b3

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
cf-cache-status: HIT
age: 36099
cf-polished: origFmt=png, origSize=15281
status: 200
content-disposition: inline; filename="bleeping-computerlogo-lg.webp"
cf-bgj: imgq:85
content-length: 7156
last-modified: Wed, 07 Jan 2015 22:52:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5602e825dd5ece8f-LHR
expires: Thu, 05 Mar 2020 20:41:13 GMT

GET
H2 200 0_th_1.jpg
i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/ Frame 3C53 23 KB
23 KB 39ms
38ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/0_th_1.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
via: 1.1 varnish, 1.1 varnish
age: 13935191
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 4
accept-ranges: bytes
x-timer: S1580884973.509161,VS0,VE0
access-control-allow-origin: *
content-length: 23507
x-served-by: cache-sjc3139-SJC, cache-hhn4044-HHN

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
2 KB 126ms
32ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b009919acaecacce8a304a866a01568977ff436504070bb34b36bf36d25fd427

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:42:52 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 907

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/ Frame 3C53
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1580884972455&ns_st_ec=1&ns_st_sp=1&ns...
https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1580884972455&ns_st_ec=1&ns_st_sp=1&n...

43 B
589 B

48ms
43ms

Image
image/gif

104.108.39.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1580884972455&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1580884972456&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&c8=&c9=&cs_ucfr=0&cs_ak_ss=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.39.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-39-228.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:52 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1580884972455&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1580884972456&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&c8=&c9=&cs_ucfr=0&cs_ak_ss=1
Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:52 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 87 KB
25 KB 159ms
77ms Script
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 59b3d33f2fd94ea19425841c32e2fbfdfb82f3a8d7afabff60fc62737e918ac0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 07:18:26 GMT
content-encoding: gzip
server: Server
age: 84266
etag: bdd7a7c8657eec84539eff429805b578
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: 75NSVjS93sW6ApU2uy9DMFnK7T-Lna2ia3O32KltkXAfZOaDVyDa0g==
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/d5CEaYYEzMwqV3dGpQ3IFjCM27s/gpt_and_prebid/ 159 KB
34 KB 115ms
37ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/d5CEaYYEzMwqV3dGpQ3IFjCM27s/gpt_and_prebid/config.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42d1ac8e8932308107f08e5ea68cfff75736c5be8de9f6b4445a14427a3986f5

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 06:42:52 GMT
Content-Encoding: gzip
Age: 967
X-Cache: HIT
Connection: keep-alive
Content-Length: 33834
x-amz-id-2: XFcdzB0DFbO/uw/CbnV1fhvChVlpH9uLWXO7ZqSxSUggziucuwPLSTLA9QKk1MVm/qaH/m6anwo=
X-Served-By: cache-hhn4054-HHN
Last-Modified: Wed, 05 Feb 2020 06:16:20 GMT
Server: AmazonS3
X-Timer: S1580884973.573752,VS0,VE0
ETag: "6ccde8df6c0cdebff45ab12990f58f8a"
x-amz-request-id: 6376A55408003DC9
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 37

GET
H/1.1 200
OK v2 Show response
d.pub.network/floors/ 2 KB
2 KB 415ms
120ms XHR
application/json 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/floors/v2?key=535desktop
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: 6be98913504e67a45275ad901ee77ce807e3feb3946ba25ecec7576702267cd9

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:52 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding: chunked
Content-Type: application/json

GET
H/1.1 200
OK r
trk.connatix.com/ Frame 3C53 0
162 B 419ms
99ms Image
text/plain 52.73.64.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/r?connatix_sess=YHX7Wb4d7A2m0glSS85ahh-KDFU93OmEi2SzYTH9nUPQC9SF4wpie51l1niWYsUInv0Y2WuPT15Wcb78wINacq8Gf45SX6h9qBgth5KgSMHln_mJqbF4My906Si_YNFng_zrSGuYc3aPP8Bx9jS7FpN9GtsONEHdmmr2VpmZWz4hOo6ooYBesmEU8FtQNNQx&videoID=639404&c_pl=OZSNUx2-UtXQ6F_hRsdfUTNrREb6vHtM2Bjp6chVAfETRweH5DbVUE8LeSEX0CcnsRuOpYmtuiLwOVS0kd86gupUCg7hUpFA7f-hd0SGzkmu6IjrXWpDg3WS7Tjk1Xu8-GRNlI06NbPE4SJdzLUpd1aCq3PPJjElxGVzCtLbjIfjIKnGwugWOd0U1K3_-cWShOrHdO0J9YdzwnB4ssV1HB_FbL4X82uGlESMq1wSldqwb2K03pXF4ln2f3a7WaM3WTj5AEqlS7d8SoGo1fUjXw&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-&c_v=1883_1_0_0_0&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.64.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-64-251.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 05 Feb 2020 06:42:52 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/ Frame 3C53
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1580884972455&ns_st_ec=2&ns_st_sp=1&ns...
https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1580884972455&ns_st_ec=2&ns_st_sp=1&n...

43 B
589 B

40ms
40ms

Image
image/gif

104.108.39.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1580884972455&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=40&ns_st_cl=30000&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=40&ns_st_dpt=40&ns_st_ipt=40&ns_st_et=40&ns_st_det=40&ns_st_upc=40&ns_st_dupc=40&ns_st_iupc=40&ns_st_upa=40&ns_st_dupa=40&ns_st_iupa=40&ns_st_lpc=40&ns_st_dlpc=40&ns_st_lpa=40&ns_st_dlpa=40&ns_st_pa=40&ns_ts=1580884972496&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&c8=&c9=&cs_ucfr=0&cs_ak_ss=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.39.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-39-228.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:52 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1580884972455&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=40&ns_st_cl=30000&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=40&ns_st_dpt=40&ns_st_ipt=40&ns_st_et=40&ns_st_det=40&ns_st_upc=40&ns_st_dupc=40&ns_st_iupc=40&ns_st_upa=40&ns_st_dupa=40&ns_st_iupa=40&ns_st_lpc=40&ns_st_dlpc=40&ns_st_lpa=40&ns_st_dlpa=40&ns_st_pa=40&ns_ts=1580884972496&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&c8=&c9=&cs_ucfr=0&cs_ak_ss=1
Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:52 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cookie_sync Show response
prebid.pub.network/ 187 B
404 B 473ms
118ms XHR
application/json 35.226.134.247
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.pub.network/cookie_sync
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.226.134.247 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 247.134.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 0f26954e59757f573c709bcabe82328c10ea5f250fe6a48082eaea2e116bbb8f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
Content-Type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 123
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid.pub.network/openrtb2/ 147 B
433 B 562ms
207ms XHR
application/json 35.226.134.247
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.pub.network/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.226.134.247 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 247.134.226.35.bc.googleusercontent.com
Software: /
Resource Hash: d2ab593292a3b7ef4d41acb39318e8fae69272ab64d5c3d02a3090700b95dacc

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
Content-Type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 152
Expires: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
447 B 96ms
49ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5602e826da8dbc60-LHR
access-control-allow-headers: origin, content-type

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
39 B 103ms
56ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5602e826da8ebc60-LHR
access-control-allow-headers: origin, content-type

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 729 B
1 KB 43ms
43ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

5234edb4bf39a1ecd92c74c769fdd6fc3d0f736b6540079648deb11aa8e07254

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:54 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.154:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ce6745f5-b061-4e23-bea9-d588ed03b695
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 21 KB
22 KB 172ms
114ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1f72d209f3fa2e2da339c5afb0f4c815487c3e2f4e7145aba9160508ba343bda

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
x-openrtb-version: 2.3
access-control-allow-credentials: true
date: Wed, 05 Feb 2020 06:42:52 GMT
content-type: application/json

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 121ms
47ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=45f2bf329c6aa19&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 134ms
60ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=wDH8n844o8J5LF7qDwHQ7sj5&bidId=46cddf4c9ff94d2&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 143ms
69ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=4700cede7f5d7ff&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 120ms
46ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=48a74f2cd4bdb17&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 165ms
91ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=wDH8n844o8J5LF7qDwHQ7sj5&bidId=493663f323c4a4c&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 170ms
96ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=50eef5b8ffb25f2&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 141ms
68ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=51e316c67701c3b&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 156ms
82ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=5257573eb5688de&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 172ms
99ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=535ea31fd5c57a4&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 156ms
83ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=547bd85ee458f6d&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 156ms
84ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=557fe67ab53a524&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 176ms
104ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=5691f06f2b9c92f&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 116ms
44ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=5757dc637394038&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 137ms
64ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Ggh1aXSgpQAvBpkxoyAsBJPd&bidId=5879c03d7fd8a44&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 160ms
88ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=5907de9a5385a69&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 157ms
85ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=60234582bab6353&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 158ms
87ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=61ed112709640ad&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
998 B 424ms
342ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%2262e00e6c926a74a%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22635a6974aeec73%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2264a1402e364ed65%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22655081795750bce%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2266b53fd089fdfe3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22675d304b711d20b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226800b7b3d170b87%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226916713497edc5e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227021c95c6e1fa09%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22718dbee1740d24b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22726092f599ca3d3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22739e7028e6b895%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22745cb47944adb6d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22752d281bdfd8561%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0dc4f82d8f5e5e7caa58d672ed616a08b0260ed3b3947252a8a0154611349739

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:52 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Wed, 05 Feb 2020 06:42:52 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
8 KB 246ms
127ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=35aa9390-b075-43ea-b8c4-e31f0c05c570&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.31375581769116456
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: cd2efeab320e6bfa636c841ac8ff353a709fc88f127cd3b9cc43afb3a0558265

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:52 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=292
Content-Length: 6159
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
8 KB 260ms
141ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=2c52fd7b-356c-4ad1-93d5-c181a8c5c413&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4194109181064076
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 00fd7303db05c0bd3f4630adcfedf003a7a5ba793ea5b366b37fb050bd65df46

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:52 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=124
Content-Length: 6163
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
8 KB 252ms
132ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=7bf5cfe5-7096-4ee7-b919-c630390e5497&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.36420779218391774
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: ec932bf41c76554cb255525146aa943c8dd221a827593865d85b229aa4abd1af

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:52 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=21
Content-Length: 6179
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
8 KB 275ms
151ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=08595e98-a323-432f-9bff-a35e9f18dd7f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7936570631850053
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 69178cc442b311d9764c39e66f8ecd32e7661f68133f9a0c3111f5901b4e990a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:52 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=488
Content-Length: 6205
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
8 KB 256ms
131ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=e137a259-e441-4d18-87ad-aa5c2f86d93f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.594476229624775
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 4fdf28de0edea783d94d5d4690c902e21b10b9a05ea7433d32a3b0653c5a9104

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:52 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=342
Content-Length: 6321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
8 KB 401ms
155ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=35a3dc36-a8af-4d75-89ce-4549c6dd470b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.05447404037233361
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 3d9aeec86d802f5710d7cd90c0aaa75b4138ed3688d8c8dc79965e46175f3758

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:52 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=360
Content-Length: 6177
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 729 B
1 KB 79ms
45ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

338ca2b2512fe0ed459e0e43f08aa6df987db32585d469120c8a341fcfc71eb1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:54 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.153:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 09d785de-010f-4b47-bbde-e1f76a26ccc3
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1580884972;v=2;cmd=bid;cors=yes;alias=1406f559bf510977;misc=1580884972565 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1406f559bf510977;misc=1580884972565;
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580884972;v=2;cmd=bid;cors=yes;alias=1406f559bf510977;misc=1580884972565

0
-1 B

1189ms
97ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580884972;v=2;cmd=bid;cors=yes;alias=1406f559bf510977;misc=1580884972565
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:53 GMT
server: nginx
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580884972;v=2;cmd=bid;cors=yes;alias=1406f559bf510977;misc=1580884972565
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:53 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580884972;v=2;cmd=bid;cors=yes;alias=1406f559bf510977;misc=1580884972565
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET ADTECH;v=2;cmd=bid;cors=yes;alias=1416138b8073e2;misc=1580884972565;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=142a152df5e7ff7;misc=1580884972566;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ 0
0

GET
H2

302

ADTECH;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=143d7ff262f2a42d;misc=1580884972566 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=143d7ff262f2a42d;misc=1580884972566;
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=143d7ff262f2a42d;misc=1580884972566

0
-1 B

1212ms
120ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=143d7ff262f2a42d;misc=1580884972566
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:53 GMT
server: nginx
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=143d7ff262f2a42d;misc=1580884972566
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:53 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=143d7ff262f2a42d;misc=1580884972566
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET ADTECH;v=2;cmd=bid;cors=yes;alias=14420ccb8acc2f57;misc=1580884972566;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=1455b13ed5840109;misc=1580884972566;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ 0
0

GET
H2

302

ADTECH;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=1466c91242e9c984;misc=1580884972566 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1466c91242e9c984;misc=1580884972566;
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=1466c91242e9c984;misc=1580884972566

0
-1 B

1214ms
123ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=1466c91242e9c984;misc=1580884972566
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:53 GMT
server: nginx
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=1466c91242e9c984;misc=1580884972566
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:53 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=1466c91242e9c984;misc=1580884972566
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET ADTECH;v=2;cmd=bid;cors=yes;alias=1478592d96420179;misc=1580884972566;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=1483c39efaa74cc8;misc=1580884972566;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=14910e27f52922a8;misc=1580884972566;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=15031d0de3a16b15;misc=1580884972566;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=1517ff698bd88528;misc=1580884972566;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=1529fb2e1a329005;misc=1580884972566;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ 0
0

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 678 B
878 B 48ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:52 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H2 200 arj Show response
freestar-d.openx.net/w/1.0/ 175 B
576 B 286ms
221ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=35aa9390-b075-43ea-b8c4-e31f0c05c570%2C2c52fd7b-356c-4ad1-93d5-c181a8c5c413%2C7bf5cfe5-7096-4ee7-b919-c630390e5497%2C08595e98-a323-432f-9bff-a35e9f18dd7f%2Ce137a259-e441-4d18-87ad-aa5c2f86d93f%2C35a3dc36-a8af-4d75-89ce-4549c6dd470b&nocache=1580884972569&pubcid=e6e7f62e-1e35-444b-812e-7ededc90f47b&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C300x250%2C300x600%7C300x250%2C300x600%7C728x90%7C300x250%2C300x600&divIds=bleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&auid=540959250%2C540959250%2C540959250%2C540959250%2C540959250%2C540959250&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.1 /
Resource Hash: 3c231dc6f62bed2998ab8ac1e68eaaa1e334b9785401618c3490876a461e2355

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:52 GMT
content-encoding: gzip
server: OXGW/16.174.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
482 B 743ms
419ms XHR
application/json 52.58.48.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.4.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&tmax=1200

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.48.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-48-163.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:53 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame DA1C 421 KB
94 KB 320ms
24ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884972.dop206.lo4.t,1580884972.cds212.lo4.hn,1580884972.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773452
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 / Show response
audit.quantcast.mgr.consensu.org/ 80 B
486 B 1387ms
40ms XHR
text/html 143.204.214.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit.quantcast.mgr.consensu.org/?log=;1580884972607;BleepingComputer.com;https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F;;;;;p,off,false,,1,en,28,186,true,false,false;displayConsentUi:mandatory,
Requested by: Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v28/cmpui-popup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 04 Feb 2020 12:14:05 GMT
via: 1.1 d7524ff4a82155dd51a24800cf39deec.cloudfront.net (CloudFront)
vary: Origin
age: 66529
x-cache: Hit from cloudfront
status: 200
content-length: 80
last-modified: Mon, 11 Jun 2018 22:07:34 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: XYSa2Mt7ttw9SPqc353d5TEqLOfyApVrJnTDmnhVvEf50vRp2o2atg==

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202001101133/ 86 KB
30 KB 38ms
37ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/d5CEaYYEzMwqV3dGpQ3IFjCM27s/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 764c862d312159b49f8e6fd8b1944c16499713abe7236eb8b6b40f20cf1033fa

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 06:42:52 GMT
Content-Encoding: gzip
Age: 757
X-Cache: HIT
Connection: keep-alive
Content-Length: 30065
x-amz-id-2: FZM0E915ekBIygNZ3cRIS1mabMFfs5N6V5yiSbYUYLio7BweKBS8jebE2h8jYR9zNhFrqItWDFI=
X-Served-By: cache-hhn4054-HHN
Last-Modified: Mon, 13 Jan 2020 19:57:14 GMT
Server: AmazonS3
X-Timer: S1580884973.647430,VS0,VE0
ETag: "62e50166bfcd03e9d6305899d1bf1737"
x-amz-request-id: 7D820617F51D8FB3
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 4472

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/202001101133/ 33 KB
12 KB 88ms
41ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202001101133/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/d5CEaYYEzMwqV3dGpQ3IFjCM27s/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf1091e08a0a0c7b7e407014d53bda0223573859d06351c958a1174479a77752

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 06:42:52 GMT
Content-Encoding: gzip
Age: 11
X-Cache: HIT
Connection: keep-alive
Content-Length: 12169
x-amz-id-2: jI46x00XqvfSCJVfGjfPs1YzNeGfxg1+r0wXEUI81sw3IhS3HsHHVxKMk+7TNwABtwy3IATlt2M=
X-Served-By: cache-hhn4054-HHN
Last-Modified: Mon, 13 Jan 2020 19:57:17 GMT
Server: AmazonS3
X-Timer: S1580884973.694194,VS0,VE0
ETag: "aecd520c5565494b99212f397ace223e"
x-amz-request-id: 85DA62ABA4843CAA
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 17

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
376 B 74ms
73ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&pid=wkJhcuyqhF1LQ&cb=0&ws=1600x1200&v=7.46.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprc=null&gdprl=%7B%22status%22%3A%22cmp-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 05 Feb 2020 06:42:52 GMT
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: -_9RqNrbNTKFBTWvfzIT0naMaBzVT0lACgMgEjhz-d1IyJlgOacIVA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 126ms
43ms XHR
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 04 Feb 2020 07:18:38 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 84255
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Wed, 08 Jan 2020 04:09:03 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Ehk6qJM5hqUNnOzS8F6bS4rjATgLAwvpWI95n23qR5fILSNa2OxDGQ==

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
344 B 484ms
115ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: d824e8f685670e2707dda500e8e7ac2c38623ea777ec7ae9efd3d9170ad7e7fd

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:53 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 beacon.js Show response
ad-delivery.net/ 1 KB
987 B 366ms
38ms Script
application/x-javascript 13.35.253.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/beacon.js
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-101.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 31 Jan 2017 15:06:54 GMT
server: AmazonS3
age: 1304
date: Wed, 05 Feb 2020 06:21:09 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: rYARbvl_bSXV0H-Y2CCEa2Zi8grmAxMEB8Ed-SNobp_nSYdOlJRI7A==
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame DA1C 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506418
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame DA1C 160 B
1016 B 33ms
33ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

2b4d021e3e5fedba2546a59a64d7662e086959d0406bfff4b51328366e375d0c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:55 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.44:80
AN-X-Request-Uuid: 664c8fd4-67ec-4b6b-bc6d-ee9fa984109a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame DA1C 160 B
1016 B 61ms
27ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0a4a66ae231d1717190f283c48a4690aaaa44987edff543a8f86b9f86ce980d9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:55 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.87:80
AN-X-Request-Uuid: 873619be-52cd-4020-8ade-164e22ec69ce
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame DA1C 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:53 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame DA1C 44 B
667 B 127ms
46ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%220ac4fb8f%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=0ac4fb8f-e9fd-4efd-b5e6-0123f3c2977c&pv=0ac4fb8f-e9fd-4efd-b5e6-0123f3c2977c&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

20b1e7800492a0c3b70eca63dbc86e9e1ebabacca24f0d6bebfde46d431d2b66

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:53 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame DA1C 20 B
320 B 205ms
99ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=0ac4fb8f-e9fd-4efd-b5e6-0123f3c2977c-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:53 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H/1.1 200
OK jquery.color-2.1.2.min.js Show response
cluster-na.cdnjquery.com/color/ 92 B
356 B 475ms
175ms Script
text/javascript 52.7.20.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cluster-na.cdnjquery.com/color/jquery.color-2.1.2.min.js?integrity=btjsonpcallback1580884973264&checksum=%7B%22cbc%22%3A0%2C%22st%22%3A2%2C%22au%22%3A%5B%5D%2C%22hau%22%3A%5B%5D%2C%22ref%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F%22%2C%22aa%22%3A3%2C%22pgid%22%3A%22bbcc5057-47e2-11ea-a989-18dd103190e2%22%2C%22v%22%3A1%2C%22format%22%3A%22jsonp%22%7D&o=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&csVersion=1.21.31&clearThroughOptions=undefined

Requested by

Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.20.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-20-116.compute-1.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

0d00e57a5404686a822a061615067f27580a1974546d76800855c0a339389ce8

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 06:42:53 GMT
Content-Encoding: gzip
Server: nginx/1.12.1
ETag: W/"5c-71257Kw3QuLtxVlU6osmTwXfU40"
X-Frame-Options: DENY
Content-Type: text/javascript; charset=utf-8
Charset: utf8
Connection: keep-alive
Content-Length: 84

GET
H2 200 px.gif
ad-delivery.net/ 43 B
385 B 38ms
38ms Image
image/gif 13.35.253.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.667293225690994
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-101.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2017 18:59:05 GMT
server: AmazonS3
age: 118209
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
date: Tue, 04 Feb 2020 09:00:49 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 43
x-amz-cf-id: I6tK4rIKMhlQYJbZcqXj11FNqaglfB3l3UkVuo3w_sYGd9WV2k0jnA==

GET
H2 200 48.008759e9efe1c1b693dd.js Show response
s7.addthis.com/static/ 281 B
486 B 36ms
36ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/48.008759e9efe1c1b693dd.js

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-119"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Wed, 05 Feb 2020 06:42:53 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 246

GET
H2 200 / Show response
graph.facebook.com/ 307 B
413 B 61ms
49ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_colk0

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

539fdd365e7e94bacf839f9fd47197218b1caec86a7f661fe1882ad6c5f340d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Wed, 05 Feb 2020 06:42:53 GMT, Wed, 05 Feb 2020 06:42:53 GMT
x-fb-rev: 1001676947
alt-svc: h3-24=":443"; ma=3600
content-length: 210
pragma: no-cache
x-fb-debug: ekqGyKm6ajbv6LXeRcF28CXc8hU4FZTxHZhg5Tw7qFQBQQneOxBcNjV+BMVh0L5dABqO1jdvMOfBzJT1inglyg==
x-fb-trace-id: HrY7i7wIoRc
etag: "da77dbe1548fc80446329359d0e1e1741e6c7ca7"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AOLnR4tXDGqif5GfFxS0k2o
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 4 KB
2 KB 245ms
170ms Script
application/javascript 151.101.113.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&jsonp=_ate.cbs.rcb_e3gq0

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

03c278eb3fd7578e5c0679fd4a58d92d5b02bd761b58a6c93820693be421d165

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish
x-cache: MISS
status: 200
x-cache-hits: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 1697
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4058-HHN
x-moose: majestic
server: snooserv
x-timer: S1580884973.415305,VS0,VE135
x-frame-options: SAMEORIGIN
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
expires: -1

GET
H2 200 / Show response
graph.facebook.com/ 145 B
603 B 59ms
48ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_1wr70

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df2d7ff92ff939684b2b763d30c9c225b36bc5afec66cb18a61e2798ed8e42d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Wed, 05 Feb 2020 06:42:53 GMT, Wed, 05 Feb 2020 06:42:53 GMT
x-fb-rev: 1001676947
alt-svc: h3-24=":443"; ma=3600
content-length: 145
pragma: no-cache
x-fb-debug: BKvDCT5qJo8NKtZsdQXERLxxh5PUHvJjk42z+mIjqB/QtMkPbkAIfLXjwGl53JqkKdlAOfSMyVKCs2J7w6aHSQ==
x-fb-trace-id: A+csansagis
etag: "82cd30f8467b61a2a2fcfa74a4bbd622ceb4e170"
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AqKh9DmhAWflDSDcf0CTVD9
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 126 B
670 B 231ms
157ms Script
application/javascript 151.101.113.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&jsonp=_ate.cbs.rcb_a0mx0

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

b9c4ba16ee54290eacc77e0f35acb47382bccac5aaa3dbac3764dc577d20d0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:53 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
x-cache-hits: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 126
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4058-HHN
x-moose: majestic
server: snooserv
x-timer: S1580884973.415340,VS0,VE122
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
expires: -1

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame DA1C 0
217 B 1144ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=0ac4fb8f&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:54 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 74 KB
25 KB 534ms
534ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3831766069245500&correlator=1210589868777604&output=ldjh&impl=fifs&adsid=NT&eid=21065506&vrg=2020020308&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200205&iu_parts=15184186%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_1x1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%2C1x1%2C300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2%26freestar_path%3D%252Fnews%252Fsecurity%252Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%252F%26freestar_domain%3Dbleepingcomputer.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Drubicon_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D1557185213fbc7a7%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26freestar_path%3D%252Fnews%252Fsecurity%252Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%252F%26freestar_domain%3Dbleepingcomputer.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Drubicon_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D158f6f9891e69a7f%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26freestar_path%3D%252Fnews%252Fsecurity%252Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%252F%26freestar_domain%3Dbleepingcomputer.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Drubicon_300x250%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.03%26hb_adid%3D1561f614140bb3ed%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26freestar_path%3D%252Fnews%252Fsecurity%252Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%252F%26freestar_domain%3Dbleepingcomputer.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Drubicon_300x250%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.03%26hb_adid%3D1593980e153aa0e%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26freestar_path%3D%252Fnews%252Fsecurity%252Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%252F%26freestar_domain%3Dbleepingcomputer.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Drubicon_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D15766ac275b0be2a%26hb_bidder%3Drubicon%7C%7Camznbid%3D2%26amznp%3D2%26freestar_path%3D%252Fnews%252Fsecurity%252Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%252F%26freestar_domain%3Dbleepingcomputer.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Drubicon_300x250%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.03%26hb_adid%3D160bcf178e710ee3%26hb_bidder%3Drubicon&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1579563225&dt=1580884973765&dlt=1580884971612&idt=859&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C436%2C1082%2C1082%2C268%2C800%2C1082&adys=146%2C7743%2C327%2C1136%2C6312%2C8249%2C1661&adks=960084856%2C976516616%2C771041174%2C2389526111%2C4047242158%2C2635258439%2C523518761&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&dssz=59&icsg=598134501679104&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x120%7C1200x90%7C306x250%7C306x250%7C834x90%7C1600x8249%7C306x250&msz=1170x90%7C1170x90%7C306x250%7C306x250%7C834x90%7C1600x1%7C306x250&ga_vid=1151093400.1580884972&ga_sid=1580884972&ga_hid=644923547&fws=4%2C4%2C4%2C4%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020308.js?21065506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

865744a5f5f5f1f50f74394c2cdc37fd8031a80825713defdfe947bf6aa15c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 05 Feb 2020 06:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25638
x-xss-protection: 0
google-lineitem-id: -1,-2,-1,-2,-2,4893662829,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-1,-2,-2,138254592126,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020020308.js Show response
securepubads.g.doubleclick.net/gpt/ 66 KB
24 KB 43ms
43ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020308.js?21065506

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020308.js?21065506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

a0943891cf9970c6b7a47f144cc250802fd0eb7ff24b20e9bc220de72d871afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Feb 2020 16:58:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24755
x-xss-protection: 0
expires: Wed, 05 Feb 2020 06:42:53 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020308.js?21065506
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET ADTECH;cfp=1;rndc=1580884972;v=2;cmd=bid;cors=yes;alias=1406f559bf510977;misc=1580884972565
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ 0
0

GET ADTECH;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=143d7ff262f2a42d;misc=1580884972566
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ 0
0

GET ADTECH;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=1466c91242e9c984;misc=1580884972566
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ 0
0

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 6679 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Wed, 05 Feb 2020 00:01:30 GMT
expires: Thu, 04 Feb 2021 00:01:30 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 24084
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame E163 0
0 8ms
8ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Wed, 05 Feb 2020 00:01:30 GMT
expires: Thu, 04 Feb 2021 00:01:30 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 24084
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A3AD 0
0 46ms
46ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsul45KYp7_1jNbzV5KgY49YDphtYikw0Ro-W78iKt7B337T-KmhZJLa9tHHcrQl5FEFkO3CM0974NC6Nq8zRQMETPmI71rabb5rNBjFSxF9wvyHcGPzpia7T9AmbzAbtK8rRx-xAjM_JVqvCvepBfkNJFJ1Qhrik94xCwDtp9H1moI8Pn6CNetf47t9RBNvpvMtInPtzY9obGetyf7JhDB6c-_r2vhRFdo9RSER-dR_fQ7sie66GBEp85fFHTRQemiKoilMASSsCqQ0eJ6zpdkRgKPbz8drc6gA&sig=Cg0ArKJSzKZl6wKCiCDJEAE&urlfix=1&adurl=

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 05 Feb 2020 06:42:54 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A3AD 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9648b301ed4c48cf2fdd0fb932a1536c80881b0a73fb2852033b810c2ae1544c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580744964772619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27635
x-xss-protection: 0
expires: Wed, 05 Feb 2020 06:42:54 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
377 B 75ms
74ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&pid=wOePJlhtQUuzy&cb=1&ws=1600x1200&v=7.46.00&t=1000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprc=null&gdprl=%7B%22status%22%3A%22cmp-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 05 Feb 2020 06:42:54 GMT
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: uhGjNB69FJubERD7IywN0zpMunrsLIn8QBTLvH6Sn8lVfcDBIvvzjg==

POST
H/1.1 200
OK auction Show response
prebid.pub.network/openrtb2/ 147 B
433 B 200ms
200ms XHR
application/json 35.226.134.247
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.pub.network/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.226.134.247 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 247.134.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 41c733ab2ef13d5a5640e560b600bcd5aa4cec53cd49cceec33f3f5b81eb38f2

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
Content-Type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 152
Expires: 0

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:54 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H2 200 arj Show response
freestar-d.openx.net/w/1.0/ 174 B
371 B 123ms
123ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=9b897056-bccb-4c37-a814-08295de9441b&nocache=1580884974381&pubcid=e6e7f62e-1e35-444b-812e-7ededc90f47b&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250&divIds=bleepingcomputer_728x90_970x90_970x250_320x50_BTF&auid=540959250&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.1 /
Resource Hash: 993fe983eae8010796b30b795633ac9382931e226e46ccd6cd1009975f5cf693

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
content-encoding: gzip
server: OXGW/16.174.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 26 B
1 KB 134ms
133ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%22170a832b92f881c1%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221712c2b33a376e2b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2217233a4336f7bf7c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221731a54420bb69a1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d2b9e393b09aa71a3492c956dde01ab685e4caa7cfaff9eb12120ffbe2bf7e43

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 46
Expires: Wed, 05 Feb 2020 06:42:54 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
7 KB 131ms
130ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=9b897056-bccb-4c37-a814-08295de9441b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5847148102374291
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: bce53a599149b16703e5c42526aeb8b4be9ba0ce0ba70d85a0efd71935d06252

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:54 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=461
Content-Length: 6178
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 67ms
67ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f6e4828f0ce087987cbe8485e44abc8f830fa45355026b883ac4b436e83047d6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:56 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.174:80
AN-X-Request-Uuid: 99222be8-71da-43ca-bf7b-4f2b6713253c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 37ms
37ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

bb9c6e0d3ba42fa1dfa3ede5b994f28efbb1bb4a6867401d2805f996f4a6a3db

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:56 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.175:80
AN-X-Request-Uuid: 198660e1-077f-40be-88f9-3a6022929fa8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
168 B 45ms
45ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Feb 2020 06:42:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5602e831f9c0bc60-LHR
access-control-allow-headers: origin, content-type

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 66ms
66ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=1831fa45c36ec86c&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:54 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 66ms
66ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=wDH8n844o8J5LF7qDwHQ7sj5&bidId=18471337bc900aa9&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:54 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 72ms
72ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=18594cbc3f4b9a6b&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:54 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
482 B 240ms
239ms XHR
application/json 52.58.48.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.4.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&tmax=1200

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.48.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-48-163.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
66 B 105ms
105ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com

GET
H2

302

ADTECH;apid=1Abcd369a4-47e2-11ea-95bc-12a8bb4804a8;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=199341c66e283b31;misc=1580884974387 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=199341c66e283b31;misc=1580884974387;
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1Abcd369a4-47e2-11ea-95bc-12a8bb4804a8;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=199341c66e283b31;misc=1...

0
-1 B

97ms
97ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1Abcd369a4-47e2-11ea-95bc-12a8bb4804a8;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=199341c66e283b31;misc=1580884974387
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
server: nginx
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1Abcd369a4-47e2-11ea-95bc-12a8bb4804a8;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=199341c66e283b31;misc=1580884974387
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1Abcd369a4-47e2-11ea-95bc-12a8bb4804a8;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=199341c66e283b31;misc=1580884974387
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1Abcd4049a-47e2-11ea-b193-12794b40da64;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=200e4dca88ade802;misc=1580884974387 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=200e4dca88ade802;misc=1580884974387;
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1Abcd4049a-47e2-11ea-b193-12794b40da64;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=200e4dca88ade802;misc=1...

0
-1 B

106ms
106ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1Abcd4049a-47e2-11ea-b193-12794b40da64;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=200e4dca88ade802;misc=1580884974387
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
server: nginx
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1Abcd4049a-47e2-11ea-b193-12794b40da64;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=200e4dca88ade802;misc=1580884974387
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1Abcd4049a-47e2-11ea-b193-12794b40da64;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=200e4dca88ade802;misc=1580884974387
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1Abcd3f34c-47e2-11ea-b983-12794b40da64;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=201a88fe6f09e818;misc=1580884974387 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=201a88fe6f09e818;misc=1580884974387;
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1Abcd3f34c-47e2-11ea-b983-12794b40da64;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=201a88fe6f09e818;misc=1...

0
-1 B

99ms
99ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1Abcd3f34c-47e2-11ea-b983-12794b40da64;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=201a88fe6f09e818;misc=1580884974387
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
server: nginx
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1Abcd3f34c-47e2-11ea-b983-12794b40da64;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=201a88fe6f09e818;misc=1580884974387
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1Abcd3f34c-47e2-11ea-b983-12794b40da64;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=201a88fe6f09e818;misc=1580884974387
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
376 B 73ms
72ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&pid=Tr6wj6rcqQdil&cb=2&ws=1600x1200&v=7.46.00&t=1000&slots=%5B%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprc=null&gdprl=%7B%22status%22%3A%22cmp-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 05 Feb 2020 06:42:54 GMT
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 9Wj9vNgFh_awxTKG4dPJioIFdenSDtfRd87WbwbCh89QvgE8B3nSfQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
377 B 78ms
77ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&pid=XN7lWEQNVTLmB&cb=3&ws=1600x1200&v=7.46.00&t=1000&slots=%5B%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprc=null&gdprl=%7B%22status%22%3A%22cmp-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 05 Feb 2020 06:42:54 GMT
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: CklODy3Q75l3G1RAn2cSNEMgMH-I_GRqaaOyFKT7UIOmQNmHkJ3SGw==

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
123 B 15ms
14ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=3831766069245500&r=1x1&w=1&h=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012001251659540/ 20 KB
7 KB 43ms
26ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020308.js?21065506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43869e57b9339b03aecd3da7938097421e238ae9bdfd42a64035cc17c86399e0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48794
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7150
x-xss-protection: 0
server: sffe
date: Tue, 04 Feb 2020 17:09:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7e98551560828916"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 17:09:40 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012001251659540/ Frame 348D 200 KB
55 KB 38ms
23ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 58445
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55740
x-xss-protection: 0
server: sffe
date: Tue, 04 Feb 2020 14:28:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "73c5733c238bea88"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 14:28:49 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 348D 15 KB
6 KB 42ms
27ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-ad-exit-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc0d3b44a4cbe769eca3a48f9470f911bf3f4e65f1650b2eecea7ed2942eada6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 67222
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5593
x-xss-protection: 0
server: sffe
date: Tue, 04 Feb 2020 12:02:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb81b23fc83ce453"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 12:02:32 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 348D 91 KB
27 KB 42ms
27ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-analytics-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37613
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28005
x-xss-protection: 0
server: sffe
date: Tue, 04 Feb 2020 20:16:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "72f52e45b57a11ad"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 20:16:01 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 348D 3 KB
1 KB 43ms
29ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-fit-text-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e548c1ce78f73067beca7f7e2bb284f7a79a0e537c7ebb48266560290fcfbe66

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 67222
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1396
x-xss-protection: 0
server: sffe
date: Tue, 04 Feb 2020 12:02:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5821fa2b275b35ee"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 12:02:32 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 348D 46 KB
15 KB 43ms
29ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-form-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cda09677337093b10da14ba0ecbed2ea647ecec1f327ff794a046e3a71083fd4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 67220
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14831
x-xss-protection: 0
server: sffe
date: Tue, 04 Feb 2020 12:02:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "95a2cb227bce10b6"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 12:02:34 GMT

GET
DATA 200
OK truncated
/ Frame 348D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 233bc8bbbe0da8129c0fb7a777f1f188ce7004267154048a275a552d590fd9f6

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 16434412247115615338
tpc.googlesyndication.com/simgad/ Frame 348D 78 KB
78 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16434412247115615338?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmqvnHuT25PekFysWe7B7IjTlpecA

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe146a0a0fdf1e8bbd7600a4da12624177b732a4496aea55e7c6dc01e4bcd394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 12:40:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 16 Aug 2017 12:24:11 GMT
server: sffe
age: 64971
content-type: image/jpeg
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 79762
x-xss-protection: 0
expires: Wed, 03 Feb 2021 12:40:03 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 348D 2 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 23:33:43 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 25751
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 05 Feb 2020 23:33:43 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 348D 295 B
401 B 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 31773
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 05 Feb 2020 21:53:21 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 348D 0
0 45ms
45ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqeiC7WM6XsHnNImU3gPVzqDgCYz2q4JYo6mksYMGwI23ARABINrXxTlgu76ug9AKoAHSxPqWA8gBAqkC7tS7O9_dtT7gAgCoAwHIAwiqBLsCT9CJlWcRBhnEi7BcIkwLpvdEkF7i6h-ebiWtc1TYRkF1koMsIoQxMI_nbFcuoz1Os-9XiSVSh3mWfG8fbhsQRGrex6uKXvVfQmbVTsBvf3zpNTHsIfwXhSy5cFLhq5TpnX2N212E1S3369tUyfpxU04luO0YLzMT4NRMGIRc-Ivf_VS4Hyrbc-h6980hwe2Qrj86yjeILnYq3rHXNVofBWAhuvAMoj0tUxkukXo6gQ7ni875-9NEW6Q37GzaYmKpzWuPmDsmDS42OC0fNUo3NuMaxB1iURyc1wAgCGfxyL3D9ARqWM0PPv7ToAY0Fvhjs2_lo_Inxz8YB524W9hhOfn4TEPDRXWZT0vUSQhFhy4-taUYQwGQ0DI5JQJ2f0JVe2qBE5TLu3dCisN1khRcqOErrB8nk2a8Zo2QwATA6vSBvgHgBAGSBQQIBBgBkgUECAUYBKAGAoAHlruFaagHjs4bqAfVyRuoB5PYG6gHugaoB_LZG6gHpr4bqAfs1RvYBwHyBwQQpecb0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xNzQyMjQ5NjAzMjg5MDgzgAoDyAsB2BMN&sigh=lqcq0fL0904&tpd=AGWhJmtasxRyBnW6ekP9K1vw6CVdV3v_1OtWs22Uxn2vYPanKw
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H2 200 ADTECH;apid=1Abcd369a4-47e2-11ea-95bc-12a8bb4804a8;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=199341c66e283b31;misc=1580884974387 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ 48 B
81 B 136ms
136ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1Abcd369a4-47e2-11ea-95bc-12a8bb4804a8;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=199341c66e283b31;misc=1580884974387
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 8d567b94ff0a5abc0e8b362ae6c5125000da3f2968aab01a7b576ab0fc04b29e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1Abcd3f34c-47e2-11ea-b983-12794b40da64;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=201a88fe6f09e818;misc=1580884974387 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ 48 B
105 B 136ms
135ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1Abcd3f34c-47e2-11ea-b983-12794b40da64;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=201a88fe6f09e818;misc=1580884974387
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: e4ede63781e212e4e53b2111cde5e031ed40a5b6648efbf130d130af0772f123

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1Abcd4049a-47e2-11ea-b193-12794b40da64;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=200e4dca88ade802;misc=1580884974387 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ 945 B
1 KB 168ms
168ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1Abcd4049a-47e2-11ea-b193-12794b40da64;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=200e4dca88ade802;misc=1580884974387
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 71aa8b2bc282037f8ee3e4202eaa0371cf47c94a906f38e5409725de88e1275c

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
2 KB 33ms
32ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f15dda2281e4d883978051ed03739b079ffee0846a9e2f3010753b97a994318d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:42:54 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 901

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 348D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Redirect headers

date: Wed, 05 Feb 2020 06:42:54 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 3F05 421 KB
94 KB 23ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:54 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884974.dop206.lo4.t,1580884974.cds212.lo4.hn,1580884974.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773450
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 16434412247115615338
tpc.googlesyndication.com/simgad/ Frame 348D 78 KB
78 KB 10ms
6ms Image
image/jpeg 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16434412247115615338?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmqvnHuT25PekFysWe7B7IjTlpecA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe146a0a0fdf1e8bbd7600a4da12624177b732a4496aea55e7c6dc01e4bcd394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 12:05:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 16 Aug 2017 12:24:11 GMT
server: sffe
age: 67057
content-type: image/jpeg
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 79762
x-xss-protection: 0
expires: Wed, 03 Feb 2021 12:05:17 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 348D 2 KB
3 KB 9ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 23:33:43 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 25751
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 05 Feb 2020 23:33:43 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 348D 295 B
355 B 9ms
5ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 31773
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 05 Feb 2020 21:53:21 GMT

POST
H/1.1 200
OK auction Show response
prebid.pub.network/openrtb2/ 147 B
434 B 194ms
194ms XHR
application/json 35.226.134.247
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.pub.network/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.226.134.247 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 247.134.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 83d9919b17a33544d8a0bf4aa2b5ee5d8c871ff26980b731a18bd6bfdb148615

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
Content-Type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 153
Expires: 0

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=2666d22ce46f84f5;misc=1580884974656; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ 945 B
1 KB 194ms
192ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2666d22ce46f84f5;misc=1580884974656;
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 160383aa78318ce8e7357439aa544589ab30157f656057f4ea6d17a9a5a2390c

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=2679d0ff63e71d2f;misc=1580884974656; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ 945 B
1 KB 161ms
159ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2679d0ff63e71d2f;misc=1580884974656;
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: dbc7fbff14ae6f4136d9fca336dc7f7822bf60b37322329b9ae7c0391809791d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 34ms
33ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9996a5e9d4e6496b4486b273b4426bc3f3ff6770f7487a92d1f4e6369bf9eb8a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:56 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.42:80
AN-X-Request-Uuid: 914f4d9f-c53c-4403-96fc-d77bc26715eb
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:54 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 26 B
876 B 143ms
143ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%22214e08bfd8c9e929%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22215fac3f5f78d9d5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222163354645238c26%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cd94e1f9f5f4061cfb35d8ddf9ea7dcf613463f59d4b995a5da3741894397c1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 46
Expires: Wed, 05 Feb 2020 06:42:54 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
66 B 98ms
98ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
8 KB 144ms
144ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=397ddc2c-39c0-4160-8ea9-4694c2eceeab&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9485493912241216
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 05714765d940424c8005ec32a0aa6fe52b0b05436da18ff0efe5847a3e405178

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:54 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=361
Content-Length: 6203
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
freestar-d.openx.net/w/1.0/ 175 B
372 B 133ms
132ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=397ddc2c-39c0-4160-8ea9-4694c2eceeab&nocache=1580884974658&pubcid=e6e7f62e-1e35-444b-812e-7ededc90f47b&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=300x250%2C300x600&divIds=bleepingcomputer_300x250_300x600_160x600_Right_2&auid=540959250&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.1 /
Resource Hash: fbb05540e9d6c82bbac5c6770c31eaa1d07ae0598e59fed5bd78cc61d4172f9e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
content-encoding: gzip
server: OXGW/16.174.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 166
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
39 B 44ms
44ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Feb 2020 06:42:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5602e833bae3bc60-LHR
access-control-allow-headers: origin, content-type

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 92ms
92ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=227dcaa53409da43&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:54 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 92ms
92ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=2288d2e246977da1&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:54 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 92ms
91ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=2296ba8967459937&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:54 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
482 B 129ms
129ms XHR
application/json 52.58.48.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.4.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&tmax=1200

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.48.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-48-163.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 288ms
287ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9026327714c221a2327242263c15f0e2a10879a0447ffe99d7fa89bc1e54e806

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:56 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.167:80
AN-X-Request-Uuid: 9ebd0dd8-ad7a-4c20-900c-06ccdcfd9f63
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 3F05 29 KB
8 KB 17ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506420
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3F05 160 B
1017 B 68ms
60ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

047651738ffcbab4760d624dab988a3e8f8b9a8bcbf36eb5295c3f40ffd176e9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:56 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.232:80
AN-X-Request-Uuid: 0bd2d71a-19ff-412e-83fe-f35756c098b0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3F05 159 B
1016 B 97ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

896c2d6eaa02d38e0046f8696f4134e334969bbad3ef06bf34e507b3ae804ae9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:56 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.144:80
AN-X-Request-Uuid: 19df8c8d-830f-4f9c-bda3-fad171618e2a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 3F05 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:54 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 3F05 44 B
671 B 70ms
69ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%2247a9fcb6%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=47a9fcb6-3ec8-47e8-94a6-3ef1267cd46b&pv=47a9fcb6-3ec8-47e8-94a6-3ef1267cd46b&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

4432a7dee9aa8523b42d8ec79f9332fe10e5cd0a04f9e8ce096eb23bdb99ddf3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:54 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 457 B
324 B 341ms
340ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020308.js?21065506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

510c17f56352a57b970a9343b8379d4086078e1b22838444fcf9a9e6fff65ab5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 05 Feb 2020 06:42:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 246
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK auction Show response
prebid.pub.network/openrtb2/ 147 B
433 B 176ms
176ms XHR
application/json 35.226.134.247
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.pub.network/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.226.134.247 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 247.134.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 9f7ae7a1ffc30c0de9565613301e0ae16e65aad71a0c06c1406db84f6fb3161f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
Content-Type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 152
Expires: 0

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:54 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H2 200 arj Show response
freestar-d.openx.net/w/1.0/ 175 B
366 B 147ms
146ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=468b64b7-b4cb-4036-b1b2-c7e5f9cca28f&nocache=1580884974754&pubcid=e6e7f62e-1e35-444b-812e-7ededc90f47b&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=728x90&divIds=bleepingcomputer_728x90_320x50_InContent_1&auid=540959250&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.1 /
Resource Hash: 65a5d6c87ba26d35e63c4652d4f93454937a863c35d6506a13165d0bba26a030

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
content-encoding: gzip
server: OXGW/16.174.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 43ms
43ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9bfdae8a7f1b28c90067c9e4d0da90e7232bbaab37879e022230201f7ebe4fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:56 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.212:80
AN-X-Request-Uuid: 8a7a9d49-583d-4d19-bb9d-01d45d148798
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
66 B 84ms
83ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 57ms
33ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8a094fdda0f38e6b999c193f4c0ba011ec139a0c9ad8e5b71e8ed19e85da10cd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:56 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.118:80
AN-X-Request-Uuid: e64ef8b6-96cd-450c-a10d-63c16de62136
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
39 B 46ms
46ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Feb 2020 06:42:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5602e8344b33bc60-LHR
access-control-allow-headers: origin, content-type

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 26 B
876 B 169ms
126ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%2225497750722c4b53%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2225502e894563d347%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c189e848b57944936f30261f51625f1f64b1ffa86759091c4072105a28783a59

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 46
Expires: Wed, 05 Feb 2020 06:42:54 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 47ms
47ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=2570dfbba0c0a9d3&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:54 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 71ms
71ms XHR
text/plain 3.124.246.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Ggh1aXSgpQAvBpkxoyAsBJPd&bidId=2581b0d483fc12af&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.246.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-246-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 05 Feb 2020 06:42:54 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
482 B 115ms
115ms XHR
application/json 52.58.48.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.4.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&tmax=1200

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.48.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-48-163.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=26813657986acdbb;misc=1580884974759; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ 944 B
1 KB 164ms
163ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=26813657986acdbb;misc=1580884974759;
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 62e13bbb50571414b06a8925afbd807d937e8ae6cfb1078d0c43d04f2524d9b9

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:54 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 944
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
8 KB 131ms
131ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-data%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=468b64b7-b4cb-4036-b1b2-c7e5f9cca28f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.10750849724742761
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: d7f052b1fdb4bc3d71fa29b43c9e6c439ee942ad69aeee964cea5acd50285c45

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:54 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=427
Content-Length: 6178
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 3F05 20 B
320 B 110ms
110ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=47a9fcb6-3ec8-47e8-94a6-3ef1267cd46b-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:54 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK c Show response
c.pub.network/ 0
267 B 118ms
118ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:54 GMT
Access-Control-Allow-Credentials: true
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 3F05 0
217 B 33ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=47a9fcb6&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:54 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 444 B
315 B 402ms
402ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020308.js?21065506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

a1d3db0f8a4ed4c8883dbf76e3a082da31a911f16fa9406ce4df0a2fd4750b07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 05 Feb 2020 06:42:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 33ms
33ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f362739d8aade44edfe90d184bb90e515964abee6f1d44a86e5b456266676712

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:42:54 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 898

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 451 B
321 B 617ms
617ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020308.js?21065506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

5f62f1af63ddeab5428b58c39df7d97f0b03a50cc7e235bf9d943b1a4d108d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 05 Feb 2020 06:42:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 243
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 6D30 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:55 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884974.dop206.lo4.t,1580884974.cds212.lo4.hn,1580884975.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773449
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 6D30 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506421
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6D30 160 B
1017 B 28ms
27ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

925b4977b8e5263103c49b9ad9c271332ea8b6f0ec328bf8283355e823277c27

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:57 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.172:80
AN-X-Request-Uuid: 385e5955-9805-40a3-bc52-2a6fc125071f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6D30 166 B
1 KB 42ms
42ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

17b566fee6a22b34c730f8ff7cc8d6ef4737bbf9e1d7cb35d08ca534e7405783

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:57 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.101:80
AN-X-Request-Uuid: 7eb3ec39-fb8a-43c7-b18b-5fba8d4dc59a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 6D30 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:55 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 6D30 44 B
606 B 62ms
62ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%2215d07bd8%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=15d07bd8-ac7c-4415-b1bc-738857188463&pv=15d07bd8-ac7c-4415-b1bc-738857188463&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

c5e22f80c6c51f1f64da7f9dea069b6f7e1b98a3c351a1517d2d1f6e898cf147

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:55 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 6D30 20 B
320 B 237ms
237ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=15d07bd8-ac7c-4415-b1bc-738857188463-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:55 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK c Show response
c.pub.network/ 0
267 B 116ms
116ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:55 GMT
Access-Control-Allow-Credentials: true
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 6D30 0
217 B 33ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=15d07bd8&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:55 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 34ms
34ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a0617f95e533c5920386b775b3f224772d8a14d8f1f7ac922090de95540c983f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:42:55 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1069

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 59DD 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:55 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884975.dop206.lo4.t,1580884975.cds212.lo4.hn,1580884975.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773449
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 3C53 0
162 B 100ms
99ms Image
text/plain 52.73.64.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:392,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:331,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:1856,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=41c9ee39cb02ebb7104e1580884975438&c_pl=OZSNUx2-UtXQ6F_hRsdfUTNrREb6vHtM2Bjp6chVAfETRweH5DbVUE8LeSEX0CcnsRuOpYmtuiLwOVS0kd86gupUCg7hUpFA7f-hd0SGzkmu6IjrXWpDg3WS7Tjk1Xu8-GRNlI06NbPE4SJdzLUpd1aCq3PPJjElxGVzCtLbjIfjIKnGwugWOd0U1K3_-cWShOrHdO0J9YdzwnB4ssV1HB_FbL4X82uGlESMq1wSldqwb2K03pXF4ln2f3a7WaM3WTj5AEqlS7d8SoGo1fUjXw&c_v=1883_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-&xplt=true&spp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.64.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-64-251.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 05 Feb 2020 06:42:55 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 59DD 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506421
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 59DD 159 B
1015 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

742dae59e81bdf2f4655716736336f1d9836b195e0a1e6db518e61d989e4b957

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:57 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.84:80
AN-X-Request-Uuid: d52fa2da-90ba-495a-b78c-120fef0ede07
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 59DD 160 B
1017 B 36ms
36ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

1a7c4bbdcaa54d9421f412805072036e80fd44a0296df5d82dbd0cb681356a8b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:57 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid: 4cad307e-fe7c-4020-819f-ae934ffe89d4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 59DD 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:55 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 59DD 44 B
606 B 49ms
49ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%222eea5133%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=2eea5133-9d83-4e7d-a247-a7a94955bb7f&pv=2eea5133-9d83-4e7d-a247-a7a94955bb7f&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

b627dbccd42c79e0b9ef6063792f9b419b14026e4afaf62912166525dc115725

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:55 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 59DD 20 B
320 B 108ms
108ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=2eea5133-9d83-4e7d-a247-a7a94955bb7f-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:55 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 13ms
13ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=3831766069245500&r=300x250%7C300x600&w=300&h=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:55 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ima3vpaid.appspot.com/ Frame 59DD 994 B
915 B 157ms
123ms XHR
text/xml 2a00:1450:4001:819::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ima3vpaid.appspot.com/?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D400x300%257C640x480%26max_ad_duration%3D30000%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1580884975401%26ord%3D1580884975401&type=js
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: d4b42825a49f5b627303b25c29db732075fd5d173b3eb85288c90d391d5fb0e3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 05 Feb 2020 06:42:55 GMT
content-encoding: gzip
server: Google Frontend
status: 200
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.bleepingcomputer.com
x-cloud-trace-context: 4db6e28fd327153f79de2877a32662c4
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 556

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3042 39 KB
14 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D400x300%257C640x480%26max_ad_duration%3D30000%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1580884975401%26ord%3D1580884975401&type=js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af51be685e6951f20171a4cb7fd87dcbfafd74f9150c0ef3ffea23701fe8d485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Feb 2020 16:25:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14297
x-xss-protection: 0
expires: Wed, 05 Feb 2020 06:57:55 GMT

POST
H/1.1 200
OK c Show response
c.pub.network/ 0
267 B 120ms
120ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:55 GMT
Access-Control-Allow-Credentials: true
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3042 268 KB
91 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D400x300%257C640x480%26max_ad_duration%3D30000%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D1580884975401%26ord%3D1580884975401&type=js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7884d34a71b7b129a41ba26c8edfcad43164038950c97ee26c152f0a8099c18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 93155
x-xss-protection: 0
expires: Wed, 05 Feb 2020 06:42:55 GMT

GET
H2 200 bridge3.365.1_en.html
imasdk.googleapis.com/js/core/ Frame E5AD 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.365.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.365.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 196000
date: Tue, 04 Feb 2020 17:03:33 GMT
expires: Wed, 03 Feb 2021 17:03:33 GMT
last-modified: Mon, 03 Feb 2020 16:21:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 49162
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 3042 26 KB
10 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10523
x-xss-protection: 0
expires: Wed, 05 Feb 2020 06:42:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3042 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3042 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3042 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?et=object&lid=126&sdkv=h.3.365.1&e=31061775%2C44713399&id=ima_html5&c=877531136008740&domain

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 06:42:55 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 59DD 0
217 B 33ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=2eea5133&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 35ms
35ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a5304028ef84989edbb9a0cad458ab6616181bbb2fee6a72226a837e4e9b276b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:42:56 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 910

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 0F1E 421 KB
94 KB 28ms
27ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:56 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884976.dop206.lo4.t,1580884976.cds212.lo4.hn,1580884976.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773448
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 0F1E 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506422
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0F1E 159 B
1015 B 29ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8e771d965ca2e23f7362e4fe9885f76422e5f4d8ef1bc3d2c78241f0b6a95865

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:58 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.26:80
AN-X-Request-Uuid: aade06db-5672-413e-93d7-cbc7d0565858
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0F1E 166 B
1 KB 48ms
47ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b7a961984e87badb1b00e3b944cc5a6572144923e7b7e8694d7f9acbd401f800

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:58 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.235:80
AN-X-Request-Uuid: c176e684-d250-488e-a629-f71e47874bd3
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 0F1E 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:56 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 0F1E 44 B
606 B 46ms
46ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%221fac3fb7%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=1fac3fb7-8f22-4b12-a17d-bf66c09c8d35&pv=1fac3fb7-8f22-4b12-a17d-bf66c09c8d35&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

9b1238fb3f1d10ff490d601f0d4e4eb3b4c67c4c453d99fbe5ddc548884ef750

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:56 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 0F1E 20 B
320 B 157ms
157ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=1fac3fb7-8f22-4b12-a17d-bf66c09c8d35-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:56 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK c Show response
c.pub.network/ 0
267 B 119ms
119ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:56 GMT
Access-Control-Allow-Credentials: true
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 0F1E 0
217 B 33ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=1fac3fb7&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 34ms
34ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ceadb299930c2f5382777cae92a93b210b97b09617c54e55661164886da245cf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:42:56 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 921

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 37DE 421 KB
94 KB 25ms
25ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:56 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884976.dop206.lo4.t,1580884976.cds212.lo4.hn,1580884976.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773448
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 37DE 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506422
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 37DE 160 B
1016 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e02bdfbe4981ea93b307d48edcbe810fd1705adc5a26c2e8a74ba5c19d758273

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:58 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.19:80
AN-X-Request-Uuid: 52a95278-7f9e-47de-8993-a0fd909b8883
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 37DE 160 B
1016 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e42be32c128d0cdf254d581d402c443978a997702eb8a2ade20a2ad7d20ac9f6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:58 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.86:80
AN-X-Request-Uuid: 63ab1afb-a2a0-4f85-850f-47d989d40014
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 37DE 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:56 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 37DE 44 B
606 B 68ms
68ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22f04587b5%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=f04587b5-b834-43da-bb6e-d7d8b1065983&pv=f04587b5-b834-43da-bb6e-d7d8b1065983&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

9f7a136c01a3a5bbf5e4e9dbd70ab0b455fb000c0e307321fe8ad62ee43be006

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:56 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 37DE 20 B
320 B 123ms
122ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=f04587b5-b834-43da-bb6e-d7d8b1065983-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:56 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 37DE 0
217 B 33ms
32ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=f04587b5&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 33ms
32ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b9939d34337d04df9c5c2fde06eb815a1bb548615bb0b991e18bb6eee2ef7114

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:42:56 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 901

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame E908 421 KB
94 KB 32ms
31ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:56 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884976.dop206.lo4.t,1580884976.cds212.lo4.hn,1580884976.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773448
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame E908 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506422
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E908 160 B
1016 B 28ms
27ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b34a98012927189c9a7315f05e70ef018a49cfa59ccf5a6f52cb304d3e0f1d7c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:58 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.57:80
AN-X-Request-Uuid: 04a68cf3-351e-452f-8aca-6b1dc7ab635b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E908 166 B
1 KB 36ms
36ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

c0c5ec25d8cf7f413e82d6abab1282d59ced66ab55cd332be5ff2974c8eb658b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:58 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.106:80
AN-X-Request-Uuid: 2921aca4-cac9-42a6-a031-b8ca385a56dc
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame E908 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:56 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame E908 44 B
606 B 74ms
74ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22995e530e%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=995e530e-3421-4a22-812e-401e72387f31&pv=995e530e-3421-4a22-812e-401e72387f31&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

83f3dd20974bddf04c347d583d900b5c5db7330de2c4a8ec335fbf1968d643e3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:56 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame E908 20 B
320 B 114ms
114ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=995e530e-3421-4a22-812e-401e72387f31-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:57 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame E908 0
217 B 33ms
32ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=995e530e&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:57 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 32ms
32ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 67776f84608e00d1052477e44400d9e2113448e704a47c518257daeea6a73b66

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:42:57 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 900

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame AAE5 421 KB
94 KB 22ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:57 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884977.dop206.lo4.t,1580884977.cds212.lo4.hn,1580884977.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773447
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame AAE5 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506423
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame AAE5 160 B
1017 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

7763540db9e1feaeed18a58580436814b9b407fe42c9a68fb1e5026fba499a47

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:59 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.149:80
AN-X-Request-Uuid: 6b31e8a7-4659-428b-8ff1-fe57d6847a19
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame AAE5 160 B
1017 B 29ms
29ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

2ea8f2eaa2b25b7b53f30a9c939e10249c35ac655901a7d7d319ead90590ef28

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:59 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.141:80
AN-X-Request-Uuid: c1ed3c7c-629c-4fac-85fe-573028e8501e
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame AAE5 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:57 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame AAE5 44 B
671 B 72ms
72ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%229b7f0174%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=9b7f0174-9735-46db-a0df-5e05878d7748&pv=9b7f0174-9735-46db-a0df-5e05878d7748&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

bfe91a69b54109535e2a7fe6e14fbdd1953b1c74e12bafe5e527e21f15a01295

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:57 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame AAE5 20 B
320 B 107ms
107ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=9b7f0174-9735-46db-a0df-5e05878d7748-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:57 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame AAE5 0
217 B 33ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=9b7f0174&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:57 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 33ms
32ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d4de3340bb36b00db883fad10e2c9a33ec4dc2ced3a873592028580630fca3f7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:42:57 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 890

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame BC17 421 KB
94 KB 23ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:57 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884977.dop206.lo4.t,1580884977.cds212.lo4.hn,1580884977.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773447
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame BC17 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506423
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BC17 160 B
1017 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

383b2f9e9feceaf19e3ee47bf2817d73bbde77e37acb59c53a255ab9c3ac858c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:59 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.217:80
AN-X-Request-Uuid: 24258a86-68d1-4c39-b224-9b1f2f55ec52
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BC17 159 B
1016 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

1dc5cab2d19c2255d7851398cca914cff92de1a7cad05dadb90ec79f1eb49775

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:59 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.117:80
AN-X-Request-Uuid: 376c1af3-ef0b-4e88-9f8e-ded340320140
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame BC17 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:57 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame BC17 44 B
606 B 51ms
51ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22c72fbd50%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=c72fbd50-e37d-4970-894f-eb387d4b288a&pv=c72fbd50-e37d-4970-894f-eb387d4b288a&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

28e26856a0bfeddef1e97e52eec05855a743ca87aa71125ce2cac9d6dbc0b4b0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:57 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame BC17 20 B
320 B 126ms
126ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=c72fbd50-e37d-4970-894f-eb387d4b288a-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:57 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame BC17 0
217 B 33ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=c72fbd50&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:57 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 33ms
33ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d64d14306420ee115cb14a769ddc4009aaa64bf168052c6dcaa64192b46571d1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:42:57 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 916

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 1E37 421 KB
94 KB 22ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:57 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884977.dop206.lo4.t,1580884977.cds212.lo4.hn,1580884977.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773447
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 1E37 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506423
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1E37 160 B
1016 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

316dff88051acb72e38e5b5a71c2f68224c379ada2e6a76636d9c0b76602333e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:59 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.45:80
AN-X-Request-Uuid: 1b96d61b-d2fc-44c5-8a3a-49021ca3051b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1E37 160 B
1017 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b711ed99e4d9394550483e75df369cfa51f2426bbca12144a56496c0e8f11098

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:59 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.235:80
AN-X-Request-Uuid: 36c93899-3ac4-4f27-a0e1-1c0680f84ce0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 1E37 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:57 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 1E37 44 B
606 B 52ms
52ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22f50f6a2e%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=f50f6a2e-47d2-482a-911b-d3651c2f347d&pv=f50f6a2e-47d2-482a-911b-d3651c2f347d&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

55621bcaa47fb879640be93615cae8f9769a69e779266784394c2b1e6cd968dd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:57 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 1E37 20 B
320 B 112ms
111ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=f50f6a2e-47d2-482a-911b-d3651c2f347d-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:57 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 1E37 0
217 B 33ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=f50f6a2e&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:58 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 34ms
33ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7a79b9cd983ee519fc2c654c06c830fe8d48e5443846f3b4e4cfb7dfca838734

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:42:58 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 920

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 6653 421 KB
94 KB 23ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:58 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884978.dop206.lo4.t,1580884978.cds212.lo4.hn,1580884978.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773446
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 6653 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506424
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6653 160 B
1017 B 31ms
31ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e1526b217dc025f9b80a47c34c16a3ede682e9447f849a97da12c223a99bda8d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:00 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.133:80
AN-X-Request-Uuid: 6204dc17-9e74-4cc2-96ba-71f01f14b508
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6653 159 B
1016 B 257ms
257ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9acac909f5971910d3a4a788693a5db70d892d471e3157614a5688377d03da55

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:00 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.211:80
AN-X-Request-Uuid: 7311d08c-b719-4903-9850-4f856f4708a8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 6653 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:58 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 6653 44 B
606 B 54ms
53ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%224ce8668d%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=4ce8668d-f5f2-455c-a6b8-ab331239cfe0&pv=4ce8668d-f5f2-455c-a6b8-ab331239cfe0&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

16df242b12d7f3a130752eb1963f2d4c49d04cfed0524fcb2f9171b2d33a6638

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:58 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK c Show response
c.pub.network/ 0
267 B 120ms
120ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:58 GMT
Access-Control-Allow-Credentials: true
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 6653 20 B
320 B 101ms
100ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=4ce8668d-f5f2-455c-a6b8-ab331239cfe0-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:58 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 3C53 0
162 B 100ms
100ms Image
text/plain 52.73.64.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:258,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:265,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:268,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:285,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:283,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=69cf3853b39fd95380ee1580884978439&c_pl=OZSNUx2-UtXQ6F_hRsdfUTNrREb6vHtM2Bjp6chVAfETRweH5DbVUE8LeSEX0CcnsRuOpYmtuiLwOVS0kd86gupUCg7hUpFA7f-hd0SGzkmu6IjrXWpDg3WS7Tjk1Xu8-GRNlI06NbPE4SJdzLUpd1aCq3PPJjElxGVzCtLbjIfjIKnGwugWOd0U1K3_-cWShOrHdO0J9YdzwnB4ssV1HB_FbL4X82uGlESMq1wSldqwb2K03pXF4ln2f3a7WaM3WTj5AEqlS7d8SoGo1fUjXw&c_v=1883_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-&xplt=true&spp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.64.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-64-251.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 05 Feb 2020 06:42:58 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 3C53 0
162 B 201ms
101ms Image
text/plain 52.73.64.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:302,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:650,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=08e4214dfd56c77dfe681580884978439&c_pl=OZSNUx2-UtXQ6F_hRsdfUTNrREb6vHtM2Bjp6chVAfETRweH5DbVUE8LeSEX0CcnsRuOpYmtuiLwOVS0kd86gupUCg7hUpFA7f-hd0SGzkmu6IjrXWpDg3WS7Tjk1Xu8-GRNlI06NbPE4SJdzLUpd1aCq3PPJjElxGVzCtLbjIfjIKnGwugWOd0U1K3_-cWShOrHdO0J9YdzwnB4ssV1HB_FbL4X82uGlESMq1wSldqwb2K03pXF4ln2f3a7WaM3WTj5AEqlS7d8SoGo1fUjXw&c_v=1883_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-&xplt=true&spp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.64.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-64-251.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 05 Feb 2020 06:42:58 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 6653 0
217 B 35ms
35ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=4ce8668d&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:58 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 36ms
36ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b72e0a72c904c4778da5bc265a7a43a115edbba2a443025a41a5b0346f3160c1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:42:58 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 908

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame C3CB 421 KB
94 KB 22ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:58 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884978.dop206.lo4.t,1580884978.cds212.lo4.hn,1580884978.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773446
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame C3CB 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506424
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C3CB 160 B
1016 B 32ms
31ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b904ffb8c1c8d5fae355025fea68ad24f3286c9c886673d82637dc394aa16ae5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:00 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.54:80
AN-X-Request-Uuid: d936b73e-8a45-43f1-9dbf-4a324fa8c114
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C3CB 160 B
1016 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f247510f96940dd2381230eb6b21dbb6e5cafcf9a4e887dd5bf2d63806f604bf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:00 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.21:80
AN-X-Request-Uuid: 7c02b30b-d1a7-4110-9d5e-0225ca2bd9fa
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame C3CB 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:58 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame C3CB 44 B
606 B 63ms
63ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22e9f49221%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=e9f49221-b37f-446d-9092-f8baa96baa29&pv=e9f49221-b37f-446d-9092-f8baa96baa29&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

298bd03acab1a45642f159bd3043868e361ddef00e9d945a339fce8e1044ee53

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:58 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame C3CB 20 B
320 B 98ms
98ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=e9f49221-b37f-446d-9092-f8baa96baa29-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:58 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame C3CB 0
217 B 33ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=e9f49221&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:58 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 36ms
36ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: eb74d93727a4864faba2e852b7865c2af896029068903c809168fac6c64567c9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:42:58 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 913

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame BE9A 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:58 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884978.dop206.lo4.t,1580884978.cds212.lo4.hn,1580884978.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773446
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame BE9A 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506424
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BE9A 159 B
1016 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

2d5aaacbd800829604fad5254da7810a65c859e81fe510c6228c7215d26bfed7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:00 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.167:80
AN-X-Request-Uuid: 9e9a4832-26e8-4523-87f6-261c14825494
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BE9A 160 B
1017 B 30ms
30ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

242bd19622e5721a4f264838b018f582883fbc5dac05c31e441aca2a8f6e34e9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:00 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.172:80
AN-X-Request-Uuid: 1a0de7b6-d583-4936-9263-236ba9b79c77
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame BE9A 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:58 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame BE9A 44 B
606 B 59ms
59ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%225e2527f1%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=5e2527f1-ebce-444f-abfe-3c81376eb34e&pv=5e2527f1-ebce-444f-abfe-3c81376eb34e&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

472563f442310739fa0648c7157424b22055961c832c76457215d91bac432356

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:58 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame BE9A 20 B
320 B 110ms
110ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=5e2527f1-ebce-444f-abfe-3c81376eb34e-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:59 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame BE9A 0
217 B 33ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=5e2527f1&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 33ms
33ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9b066d0248a97937517f6835e81b3a8ca7c88c4feb410ef5c22e460da1fa359a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:42:59 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 907

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame BDBD 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:59 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884979.dop206.lo4.t,1580884979.cds212.lo4.hn,1580884979.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773445
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame BDBD 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506425
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BDBD 160 B
1016 B 30ms
30ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0531058edff2a70394b6468b716b3172d93481663c9ac6b881c0814d85e7fed4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:01 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.43:80
AN-X-Request-Uuid: 819f4294-b461-4a9d-ae54-f3cefe10abb8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BDBD 160 B
1017 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

c153610e2fd2e320bebb482c403547f7c20eb612c03457d996f5073e9501cd91

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:01 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.117:80
AN-X-Request-Uuid: f79fccbf-5058-4b48-99a0-7a9edaf55d1b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame BDBD 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:59 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame BDBD 44 B
606 B 72ms
72ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%2229d57f8a%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=29d57f8a-6d23-40ef-aebf-c652adfd3399&pv=29d57f8a-6d23-40ef-aebf-c652adfd3399&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

04b88735c69daae5e86481873badbbded840b81f84e0bdafca64ba94b820654d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:59 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame BDBD 20 B
320 B 99ms
98ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=29d57f8a-6d23-40ef-aebf-c652adfd3399-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:59 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame BDBD 0
217 B 33ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=29d57f8a&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 33ms
32ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0348ebc50609e1b177ae474cf3b89ba52cb787fb69846622f4ff4439246a59fb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:42:59 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 909

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame BCBF 421 KB
94 KB 23ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:59 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884979.dop206.lo4.t,1580884979.cds212.lo4.hn,1580884979.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773445
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame BCBF 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506425
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BCBF 159 B
1015 B 28ms
27ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

7e683918cca4905e1bcd461a431bc03cab3cd9dd827737b0b4cae5e50a898c8b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:01 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.84:80
AN-X-Request-Uuid: 424abc7f-be4c-43fd-91a4-b057d37d2677
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BCBF 160 B
1017 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

ca2feb2dba81bbc4faba7653f1482e9090f45ae6107860859e619a80e27a3cb4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:01 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid: 8a57c7a0-9279-44fc-a377-b5b76e6d7614
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame BCBF 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:59 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame BCBF 44 B
606 B 89ms
89ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%221d728ba9%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=1d728ba9-148e-4af7-8ef5-dd689c040921&pv=1d728ba9-148e-4af7-8ef5-dd689c040921&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

f3806fb935b8d5ae0b86528f78a003cbd1935a69785e0d6f8993ef63c5618f19

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:59 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame BCBF 20 B
320 B 109ms
109ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=1d728ba9-148e-4af7-8ef5-dd689c040921-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:59 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame BCBF 0
217 B 33ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=1d728ba9&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:42:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 33ms
33ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8d22038ed4ecaf5378bbaf0ee376fcc05ec9c407653b289a4a35ccd3795dc749

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:42:59 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 902

GET
H2 200 index.html
cdn.districtm.io/ids/ Frame 68A8 0
0 106ms
105ms Document
text/html 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.districtm.io/ids/index.html

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
date: Wed, 05 Feb 2020 06:42:59 GMT
content-type: text/html
set-cookie: __cfduid=dbe39b4d4a5851571f70deb091172fb591580884979; expires=Fri, 06-Mar-20 06:42:59 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
cf-ray: 5602e853decbbc60-LHR
cache-control: s-maxage=1209600, max-age=14400
last-modified: Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
content-encoding: br

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame DBDD 0
0 156ms
78ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 04 Feb 2020 05:12:07 GMT
ETag: "13006b6-9f85-59db914d12ccf"
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14955
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=81253
Expires: Thu, 06 Feb 2020 05:17:12 GMT
Date: Wed, 05 Feb 2020 06:42:59 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 index.html
cdn.districtm.io/ids/ Frame C1C4 0
0 153ms
152ms Document
text/html 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.districtm.io/ids/index.html

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
date: Wed, 05 Feb 2020 06:42:59 GMT
content-type: text/html
set-cookie: __cfduid=dbe39b4d4a5851571f70deb091172fb591580884979; expires=Fri, 06-Mar-20 06:42:59 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
cf-ray: 5602e853ded0bc60-LHR
cache-control: s-maxage=1209600, max-age=14400
last-modified: Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
content-encoding: br

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 7269 0
0 47ms
47ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=8354101910557972910; icu=ChgIodc0EAoYASABKAEw8Mfp8QU4AUABSAEKGAjywF4QChgDIAMoAzDyx-nxBTgDQANIAwoYCIXlXhAKGAIgAigCMPDH6fEFOAJAAkgCEPLH6fEFGAU.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Thu, 04 Feb 2021 06:42:59 GMT
Date: Wed, 05 Feb 2020 06:42:59 GMT
Connection: keep-alive

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame CDCD 0
0 148ms
68ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 04 Feb 2020 05:12:07 GMT
ETag: "13006b6-9f85-59db914d12ccf"
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14955
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=81253
Expires: Thu, 06 Feb 2020 05:17:12 GMT
Date: Wed, 05 Feb 2020 06:42:59 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame AD52 0
0 149ms
75ms Document
text/html 23.37.55.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-55-184.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Accept-Encoding: gzip, deflate, br
Cookie: audit=1|hLZGFuTafB0kYovRvkf78QAAUjyB2/ymwzoh4JwhOsxpf9n9rQ69JMmOZNlrfnQZ8Wf+CDJvEd7vQn6gbej9EcxuhZpbWKLt+/AMC2wiya8=; rsid=1|Bcy8MVRC7ODdRTOg1ss9JhXtu58fJrGXvHdRGdGfflUb+NjUUmLjR8SYY9WJjOTLRBrC42GqH2HqUCjGMzz/K1KrngFWuVYFygsqecqRRkN5zGTGXOMAbP+vG/+NWVuQHrKclX98PzDzxP45CaxWkcluaemefw==; ses15=151312^1; vis15=151312^1; khaos=K68Y3HDR-14-2U0E; ses2=151312^3; vis2=151312^3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 31 Jan 2020 17:16:13 GMT
Content-Encoding: gzip
Content-Length: 7779
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=21868
Expires: Wed, 05 Feb 2020 12:47:27 GMT
Date: Wed, 05 Feb 2020 06:42:59 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 48F8 0
0 35ms
34ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
cookie: i=e6e7f62e-1e35-444b-812e-7ededc90f47b|1580884972
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=e6e7f62e-1e35-444b-812e-7ededc90f47b|1580884972; Version=1; Expires=Thu, 04-Feb-2021 06:42:59 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1580884979|mOsLgqgikin0fcmWiygu; Version=1; Expires=Thu, 20-Feb-2020 06:42:59 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.174.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 05 Feb 2020 06:42:59 GMT
content-type: text/html
content-length: 483
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 sync
eb2.3lift.com/ Frame 36DC 0
0 140ms
66ms Document
text/html 35.157.209.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.209.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-209-134.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
cookie: tluid=1183728643593399773
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
date: Wed, 05 Feb 2020 06:42:59 GMT
content-type: text/html; charset=utf-8
content-length: 493
set-cookie: sync=CgoIgQIQwOHZoIEuCgoI4gEQwOHZoIEuCgoI5gEQwOHZoIEuCgkICRDA4dmggS4KCgipARDA4dmggS4KCQg5EMDh2aCBLgoJCDoQwOHZoIEuCgkICxDA4dmggS4KCgjOARDA4dmggS4KCQgfEMDh2aCBLg==; Max-Age=7776000; Expires=Tue, 5 May 2020 06:42:59 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=1183728643593399773; Max-Age=7776000; Expires=Tue, 5 May 2020 06:42:59 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 sync
eb2.3lift.com/ Frame BDED 0
0 138ms
66ms Document
text/html 35.157.209.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.209.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-209-134.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
cookie: tluid=1183728643593399773
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
date: Wed, 05 Feb 2020 06:42:59 GMT
content-type: text/html; charset=utf-8
content-length: 493
set-cookie: sync=CgoIgQIQwOHZoIEuCgoI4gEQwOHZoIEuCgoI5gEQwOHZoIEuCgkICRDA4dmggS4KCgipARDA4dmggS4KCQg5EMDh2aCBLgoJCDoQwOHZoIEuCgkICxDA4dmggS4KCgjOARDA4dmggS4KCQgfEMDh2aCBLg==; Max-Age=7776000; Expires=Tue, 5 May 2020 06:42:59 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=1183728643593399773; Max-Age=7776000; Expires=Tue, 5 May 2020 06:42:59 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame D31A 0
0 35ms
35ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
cookie: i=e6e7f62e-1e35-444b-812e-7ededc90f47b|1580884972
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=e6e7f62e-1e35-444b-812e-7ededc90f47b|1580884972; Version=1; Expires=Thu, 04-Feb-2021 06:42:59 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1580884979|mOsLgqgikin0fcmWiygu; Version=1; Expires=Thu, 20-Feb-2020 06:42:59 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.174.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 05 Feb 2020 06:42:59 GMT
content-type: text/html
content-length: 483
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 828D 0
0 141ms
64ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 04 Feb 2020 05:12:07 GMT
ETag: "13006b6-9f85-59db914d12ccf"
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14955
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=81253
Expires: Thu, 06 Feb 2020 05:17:12 GMT
Date: Wed, 05 Feb 2020 06:42:59 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 index.html
cdn.districtm.io/ids/ Frame C5FB 0
0 136ms
136ms Document
text/html 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.districtm.io/ids/index.html

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
date: Wed, 05 Feb 2020 06:42:59 GMT
content-type: text/html
set-cookie: __cfduid=dbe39b4d4a5851571f70deb091172fb591580884979; expires=Fri, 06-Mar-20 06:42:59 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
cf-ray: 5602e853eef6bc60-LHR
cache-control: s-maxage=1209600, max-age=14400
last-modified: Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
content-encoding: br

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 559F 0
0 35ms
35ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
cookie: i=e6e7f62e-1e35-444b-812e-7ededc90f47b|1580884972
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=e6e7f62e-1e35-444b-812e-7ededc90f47b|1580884972; Version=1; Expires=Thu, 04-Feb-2021 06:42:59 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1580884979|mOsLgqgikin0fcmWiygu; Version=1; Expires=Thu, 20-Feb-2020 06:42:59 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.174.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 05 Feb 2020 06:42:59 GMT
content-type: text/html
content-length: 483
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 sync
eb2.3lift.com/ Frame AFF2 0
0 129ms
67ms Document
text/html 35.157.209.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.209.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-209-134.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
cookie: tluid=1183728643593399773
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
date: Wed, 05 Feb 2020 06:42:59 GMT
content-type: text/html; charset=utf-8
content-length: 493
set-cookie: sync=CgoIgQIQwOHZoIEuCgoI4gEQwOHZoIEuCgoI5gEQwOHZoIEuCgkICRDA4dmggS4KCgipARDA4dmggS4KCQg5EMDh2aCBLgoJCDoQwOHZoIEuCgkICxDA4dmggS4KCgjOARDA4dmggS4KCQgfEMDh2aCBLg==; Max-Age=7776000; Expires=Tue, 5 May 2020 06:42:59 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=1183728643593399773; Max-Age=7776000; Expires=Tue, 5 May 2020 06:42:59 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 sync
eb2.3lift.com/ Frame 48BE 0
0 127ms
65ms Document
text/html 35.157.209.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.209.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-209-134.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
cookie: tluid=1183728643593399773
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
date: Wed, 05 Feb 2020 06:42:59 GMT
content-type: text/html; charset=utf-8
content-length: 493
set-cookie: sync=CgoIgQIQwOHZoIEuCgoI4gEQwOHZoIEuCgoI5gEQwOHZoIEuCgkICRDA4dmggS4KCgipARDA4dmggS4KCQg5EMDh2aCBLgoJCDoQwOHZoIEuCgkICxDA4dmggS4KCgjOARDA4dmggS4KCQgfEMDh2aCBLg==; Max-Age=7776000; Expires=Tue, 5 May 2020 06:42:59 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=1183728643593399773; Max-Age=7776000; Expires=Tue, 5 May 2020 06:42:59 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 113E 0
0 64ms
38ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=8354101910557972910; icu=ChgIodc0EAoYASABKAEw8Mfp8QU4AUABSAEKGAjywF4QChgDIAMoAzDyx-nxBTgDQANIAwoYCIXlXhAKGAIgAigCMPDH6fEFOAJAAkgCEPLH6fEFGAU.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Thu, 04 Feb 2021 06:42:59 GMT
Date: Wed, 05 Feb 2020 06:42:59 GMT
Connection: keep-alive

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame AD20 0
0 135ms
60ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 04 Feb 2020 05:12:07 GMT
ETag: "13006b6-9f85-59db914d12ccf"
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14955
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=81253
Expires: Thu, 06 Feb 2020 05:17:12 GMT
Date: Wed, 05 Feb 2020 06:42:59 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 53F3 0
0 128ms
66ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=8354101910557972910; icu=ChgIodc0EAoYASABKAEw8Mfp8QU4AUABSAEKGAjywF4QChgDIAMoAzDyx-nxBTgDQANIAwoYCIXlXhAKGAIgAigCMPDH6fEFOAJAAkgCEPLH6fEFGAU.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Thu, 04 Feb 2021 06:42:59 GMT
Date: Wed, 05 Feb 2020 06:42:59 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 5CB9 0
0 130ms
56ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=8354101910557972910; icu=ChgIodc0EAoYASABKAEw8Mfp8QU4AUABSAEKGAjywF4QChgDIAMoAzDyx-nxBTgDQANIAwoYCIXlXhAKGAIgAigCMPDH6fEFOAJAAkgCEPLH6fEFGAU.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Thu, 04 Feb 2021 06:42:59 GMT
Date: Wed, 05 Feb 2020 06:42:59 GMT
Connection: keep-alive

GET
H2 200 index.html
cdn.districtm.io/ids/ Frame 6AE5 0
0 125ms
125ms Document
text/html 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.districtm.io/ids/index.html

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
date: Wed, 05 Feb 2020 06:42:59 GMT
content-type: text/html
set-cookie: __cfduid=dbe39b4d4a5851571f70deb091172fb591580884979; expires=Fri, 06-Mar-20 06:42:59 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
cf-ray: 5602e8540f04bc60-LHR
cache-control: s-maxage=1209600, max-age=14400
last-modified: Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
content-encoding: br

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 3741 0
0 34ms
34ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
accept-encoding: gzip, deflate, br
cookie: i=e6e7f62e-1e35-444b-812e-7ededc90f47b|1580884972
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=e6e7f62e-1e35-444b-812e-7ededc90f47b|1580884972; Version=1; Expires=Thu, 04-Feb-2021 06:42:59 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1580884979|mOsLgqgikin0fcmWiygu; Version=1; Expires=Thu, 20-Feb-2020 06:42:59 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.174.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 05 Feb 2020 06:42:59 GMT
content-type: text/html
content-length: 483
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame C312 421 KB
94 KB 23ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:42:59 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884979.dop206.lo4.t,1580884979.cds212.lo4.hn,1580884979.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773445
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame C312 29 KB
8 KB 17ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506425
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C312 160 B
1017 B 59ms
59ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9a0a4f6cbba43d4840689a7bcd59c99934b0973df6a9fe84964ec29e89365ba0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:01 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.141:80
AN-X-Request-Uuid: 6b6c83f8-61e2-472f-832f-d1fc4b544f69
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C312 166 B
1 KB 60ms
60ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

499b886485a66bb343b5e7030223272dd88ef68df294cc0839f41fb2d8abab10

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:01 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid: 277b3f93-d1b7-4039-a633-a6bae8931ee5
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame C312 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:42:59 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame C312 44 B
606 B 68ms
68ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%222fd8fbf9%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=2fd8fbf9-0f3d-4f33-a036-cd6bb8be5b31&pv=2fd8fbf9-0f3d-4f33-a036-cd6bb8be5b31&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

d9bfcbf2b4d2980484119f6a6b4faa77b2cf0188f590cb1f3ecb582ae85bf134

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:42:59 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame C312 20 B
320 B 109ms
108ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=2fd8fbf9-0f3d-4f33-a036-cd6bb8be5b31-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame C312 0
217 B 43ms
43ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=2fd8fbf9&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:43:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 40ms
40ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 93b625a9d29ccdf9b8f762daf4244567d06b52c686bee24f9a7115babb43a2e9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:43:00 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 923

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 2BB5 421 KB
94 KB 28ms
27ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:43:00 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884980.dop206.lo4.t,1580884980.cds212.lo4.hn,1580884980.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773444
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 2BB5 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506426
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2BB5 166 B
1 KB 35ms
35ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f6710e7c08ca903910969dd6adde9c5e6a47c0c2c81b5250004fa26ad2431160

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:02 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.74:80
AN-X-Request-Uuid: 79c477b0-19c8-4fe0-a94a-ec2885073635
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2BB5 160 B
1017 B 33ms
32ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a5695670c47e42e96b333fadb347e9634da846b9540ff77f92fb126afc39b8d6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:02 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.138:80
AN-X-Request-Uuid: 579a431b-558e-4806-b39e-7e507bb3ca68
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 2BB5 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:00 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 2BB5 44 B
606 B 53ms
52ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22f254da23%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=f254da23-9b70-4b9d-bd9f-3fc969b53196&pv=f254da23-9b70-4b9d-bd9f-3fc969b53196&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

0d5b798f848048a280599a03e053d592b9c14d1109975b3a5072943d36f26bf2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:00 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 2BB5 20 B
320 B 105ms
105ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=f254da23-9b70-4b9d-bd9f-3fc969b53196-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 2BB5 0
217 B 33ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=f254da23&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:43:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 33ms
33ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e8710142786daa42e5e4d8639fdc8641e9511c360378269471b78f82f3eb7c50

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:43:00 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 889

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 3441 421 KB
94 KB 23ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:43:00 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884980.dop206.lo4.t,1580884980.cds212.lo4.hn,1580884980.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773444
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 3441 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506426
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3441 160 B
1017 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

546a56e984470e076600da6826160e6965202c070f8b257bce8681ded8c0ec54

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:02 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.137:80
AN-X-Request-Uuid: 06d6e2d6-e16d-4580-8d0b-25ad19acd54b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3441 160 B
1016 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e2ac1a98c46a1fef54412b0cd7bf1e986abd18de04ddc9d91ca647410939cfcd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:02 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.55:80
AN-X-Request-Uuid: 9fc9f890-35c2-4599-9442-a22aa410aa6b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 3441 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:00 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 3441 44 B
606 B 50ms
50ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%2287605df1%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=87605df1-726d-4e1a-a032-e81ee0dd82ac&pv=87605df1-726d-4e1a-a032-e81ee0dd82ac&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

f3e5ba5912b8372fc0677ee3850409fab193ace36258decf465b25d27cb2832b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:00 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 3441 20 B
320 B 110ms
109ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=87605df1-726d-4e1a-a032-e81ee0dd82ac-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 3441 0
217 B 34ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=87605df1&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:43:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 33ms
32ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ebc363d111191a6e6e73b0455ecebab83647562808234e05a14bf4b5ead459b0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:43:00 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 911

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 4200 421 KB
94 KB 22ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:43:00 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884980.dop206.lo4.t,1580884980.cds212.lo4.hn,1580884980.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773444
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 4200 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506426
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4200 160 B
1017 B 28ms
27ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

82813170efb382b4326c46afaf06a1c3d543259ba2cf7019037c82e349f29416

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:02 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.176:80
AN-X-Request-Uuid: da1f103a-7c8a-4237-be09-04912ac950ca
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4200 166 B
1 KB 42ms
42ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a358646272b783a91f077df6fda256a397a2d305a0e490afbe419c0e1fcbd428

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:02 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.39:80
AN-X-Request-Uuid: 455e5114-b344-4b9f-8001-9d0c631bceb7
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 4200 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:00 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 4200 44 B
606 B 48ms
48ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22a994afc7%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=a994afc7-8582-4ce3-80e9-c0aa35de6115&pv=a994afc7-8582-4ce3-80e9-c0aa35de6115&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

6fd838613c8f124363a16b3eb9e7d8536000cba9f12e3b85dfabcb986431a336

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:00 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 4200 20 B
320 B 118ms
118ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=a994afc7-8582-4ce3-80e9-c0aa35de6115-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 4200 0
217 B 34ms
34ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=a994afc7&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:43:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 32ms
32ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f5ce36ae0e000812c31a459da885c40b603ae2d3864aed0eb056f8af45224361

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:43:01 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 909

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 6C6D 421 KB
94 KB 22ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:43:01 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884981.dop206.lo4.t,1580884981.cds212.lo4.hn,1580884981.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773443
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 6C6D 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506427
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6C6D 160 B
1017 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9c8a41d3139e8b0ac2749b2a99a627873a3568cef1ad0b6347785ae9b4e61f6a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:03 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.139:80
AN-X-Request-Uuid: b7fa230e-b7e3-4259-bdea-e58cfbf07279
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6C6D 160 B
1017 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

073889266b51eac5ce000a5741fa8a860c5f0634cc3cdb8fc755f02681f2c326

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:03 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.133:80
AN-X-Request-Uuid: 408fa599-94ef-4271-9cd2-52772d056811
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 6C6D 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:01 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 6C6D 44 B
671 B 56ms
56ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%2203aa6bf0%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=03aa6bf0-d05f-4a0f-a22a-c08fc86198ef&pv=03aa6bf0-d05f-4a0f-a22a-c08fc86198ef&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

f5cdba6bb1017a33b997c878bf75a5e94a739ca875cc6b2c8c5defda158590fb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:01 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 6C6D 20 B
320 B 97ms
97ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=03aa6bf0-d05f-4a0f-a22a-c08fc86198ef-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:01 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 6C6D 0
217 B 34ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=03aa6bf0&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:43:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 33ms
32ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ce4e3142f95cc6893930f1bff83d8d010e227c5c93bcf3b621760f06930a3f5a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:43:01 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 900

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 9ED6 421 KB
94 KB 22ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:43:01 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884981.dop206.lo4.t,1580884981.cds212.lo4.hn,1580884981.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773443
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 9ED6 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506427
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9ED6 160 B
1016 B 28ms
27ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0cb58a708b3022333682c3342c3b1799c1a6e6da19b4337e9d30f00cdab8390e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:03 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.54:80
AN-X-Request-Uuid: f4b06dc5-de05-4ec7-a89a-322632922792
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9ED6 160 B
1016 B 28ms
27ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

790ef9c8ef0ab01ca06084e9e348b8032087fec728b0d4f66e895cdb98812b74

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:03 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.78:80
AN-X-Request-Uuid: 037f8a0c-ec60-42cb-8ccf-af42d94283dc
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 9ED6 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:01 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 9ED6 44 B
606 B 63ms
63ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22f8c9ec24%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=f8c9ec24-7808-48cf-b5c1-02be4f1f8c8d&pv=f8c9ec24-7808-48cf-b5c1-02be4f1f8c8d&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

c403ec750873692fe2bbdde0ae048cd3f0d27bf4a7b2ce6f8803dace59a7058c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:01 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 3C53 0
162 B 100ms
99ms Image
text/plain 52.73.64.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:246,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:261,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:258,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:251,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:288,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=42eec2aa7e6b99cca6901580884981439&c_pl=OZSNUx2-UtXQ6F_hRsdfUTNrREb6vHtM2Bjp6chVAfETRweH5DbVUE8LeSEX0CcnsRuOpYmtuiLwOVS0kd86gupUCg7hUpFA7f-hd0SGzkmu6IjrXWpDg3WS7Tjk1Xu8-GRNlI06NbPE4SJdzLUpd1aCq3PPJjElxGVzCtLbjIfjIKnGwugWOd0U1K3_-cWShOrHdO0J9YdzwnB4ssV1HB_FbL4X82uGlESMq1wSldqwb2K03pXF4ln2f3a7WaM3WTj5AEqlS7d8SoGo1fUjXw&c_v=1883_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-&xplt=true&spp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.64.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-64-251.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 05 Feb 2020 06:43:01 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 3C53 0
162 B 101ms
101ms Image
text/plain 52.73.64.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:286,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:260,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:257,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:253,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:448,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=2fb9780c34f2d9a54cb61580884981439&c_pl=OZSNUx2-UtXQ6F_hRsdfUTNrREb6vHtM2Bjp6chVAfETRweH5DbVUE8LeSEX0CcnsRuOpYmtuiLwOVS0kd86gupUCg7hUpFA7f-hd0SGzkmu6IjrXWpDg3WS7Tjk1Xu8-GRNlI06NbPE4SJdzLUpd1aCq3PPJjElxGVzCtLbjIfjIKnGwugWOd0U1K3_-cWShOrHdO0J9YdzwnB4ssV1HB_FbL4X82uGlESMq1wSldqwb2K03pXF4ln2f3a7WaM3WTj5AEqlS7d8SoGo1fUjXw&c_v=1883_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbitpylock-ransomware-now-threatens-to-publish-stolen-&xplt=true&spp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.64.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-64-251.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 05 Feb 2020 06:43:01 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 9ED6 20 B
320 B 102ms
101ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=f8c9ec24-7808-48cf-b5c1-02be4f1f8c8d-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:01 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 9ED6 0
217 B 34ms
34ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=f8c9ec24&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:43:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 32ms
32ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 049bdb52f632b0487259d1e82cd82c3ffb27c6447cc614d3b1547c25fb4cff87

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:43:01 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 894

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 1CCD 421 KB
94 KB 22ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:43:01 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884981.dop206.lo4.t,1580884981.cds212.lo4.hn,1580884981.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773443
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 1CCD 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506427
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1CCD 160 B
1016 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e0ce40d9210947694709fe19bbd60261edddae05cbb7417190bafe2ac9651f40

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:03 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.53:80
AN-X-Request-Uuid: 7862da8e-7a71-4600-bc05-4095cae9c72f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1CCD 160 B
1017 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

76617d27359d56f2da3764b159d51a3a03310a3bc26bf4196ef62a997253d4d9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:03 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.109:80
AN-X-Request-Uuid: ff9b3ff6-11af-43e0-885e-34526eb0f6d9
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 1CCD 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:01 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 1CCD 44 B
606 B 114ms
114ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22d350684d%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=d350684d-915f-4602-8ba9-baa9d7f469d6&pv=d350684d-915f-4602-8ba9-baa9d7f469d6&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

3deaccf0ec79bfb2bdec9aba4e68939c3327247acd044790838c30e3342eb293

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:01 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 1CCD 20 B
320 B 105ms
105ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=d350684d-915f-4602-8ba9-baa9d7f469d6-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:01 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 1CCD 0
217 B 34ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=d350684d&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:43:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 33ms
33ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c5486ad6e846ffba4d0f46a96d0cd9411a58d1dc36dc5255e84b0af4571be346

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:43:02 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 902

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 7269 421 KB
94 KB 22ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:43:02 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884982.dop206.lo4.t,1580884982.cds212.lo4.hn,1580884982.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773442
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 7269 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506428
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7269 159 B
1016 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

78911a2468aed6b04950c5051918b04e90721565cfe8e5bb5595193ee3fd28ae

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:04 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid: 5489c1b1-3992-49e7-8be6-33583e2a714e
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7269 160 B
1017 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b38fb1002925d5b725c7866014165ee55ed82a67c8616747d70927c9bf311d39

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:04 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.154:80
AN-X-Request-Uuid: 4676c4b9-f041-4bb3-9e7f-8598b229898f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 7269 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:02 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 7269 44 B
606 B 72ms
72ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22701a52e6%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=701a52e6-4269-48a2-a1f8-f9472f59eba5&pv=701a52e6-4269-48a2-a1f8-f9472f59eba5&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

bea18412ec0ecee810183062032f6d2fd90ef77ef34696dd5ee24d60d21c7f23

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:02 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 7269 20 B
320 B 118ms
118ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=701a52e6-4269-48a2-a1f8-f9472f59eba5-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:02 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 7269 0
217 B 34ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=701a52e6&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:43:02 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 32ms
32ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5f9b7fb479ee6414ca859b61cad47943cfa2eb6a36e66910cc1f96bd97137c6b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:43:02 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 903

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 1AE5 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:43:02 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884982.dop206.lo4.t,1580884982.cds212.lo4.hn,1580884982.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773442
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 1AE5 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506428
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1AE5 159 B
1015 B 32ms
31ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f42b09fcadb262225d0ec9a44d73c441c5450c65ce085f25811dc35743bc6d15

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:04 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.57:80
AN-X-Request-Uuid: 567abb33-312d-4a43-9152-9df475cc33ab
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1AE5 160 B
1016 B 28ms
27ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

58bbb83e2b56a932d2ae33f5b907e923a1f93a3cb0f37269d2f0f54f05e9b5d9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:04 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.47:80
AN-X-Request-Uuid: aa9a8331-ca94-4d0e-8554-9cad48d4e8cc
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 1AE5 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:02 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 1AE5 44 B
606 B 63ms
62ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%223c9a8e23%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=3c9a8e23-5b5e-4641-bb79-1a6b73432d8e&pv=3c9a8e23-5b5e-4641-bb79-1a6b73432d8e&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

1d638035a9ae761ed3b296515af09858556c3432b2ce1a61c5a66ae09127bc8e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:02 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 1AE5 20 B
320 B 98ms
98ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=3c9a8e23-5b5e-4641-bb79-1a6b73432d8e-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:02 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 1AE5 0
217 B 34ms
34ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=3c9a8e23&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:43:02 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 32ms
32ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 96c4b756d9d5ea1acaa77c9f6b1eaa4f2a968a7d1cbe14467ab6c457360dc41f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:43:02 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 892

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 12FE 421 KB
94 KB 22ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:43:02 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884982.dop206.lo4.t,1580884982.cds212.lo4.hn,1580884982.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773442
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 12FE 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506428
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 12FE 160 B
1016 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

31c5f23eed00b17fbdf9c4727ee54d379c54bb662fec0603736cb3abd6a371fd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:04 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.46:80
AN-X-Request-Uuid: 1109e10f-39aa-4c7d-b36d-c408e2ca0949
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 12FE 160 B
1017 B 29ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

1faa8052caa5d40e09a029a65751395a8348044b737e2725576aa0364f2b8621

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:04 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.222:80
AN-X-Request-Uuid: 1f933662-0829-49f8-a823-9d3ac5cf70bf
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 12FE 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:02 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 12FE 44 B
606 B 52ms
52ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%220e2d9850%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=0e2d9850-6824-45b4-b0a5-5c2b7437d4d4&pv=0e2d9850-6824-45b4-b0a5-5c2b7437d4d4&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

6fb1b32e2b7217c2a8474755cc33b051ff717f41403822bf621486ca33843c3b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:02 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 12FE 20 B
320 B 110ms
110ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=0e2d9850-6824-45b4-b0a5-5c2b7437d4d4-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:02 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 12FE 0
217 B 34ms
34ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=0e2d9850&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:43:02 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 33ms
32ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f1ef2c19f9f6c3081815808b31f010f38b350515151b599b02615f21b0080669

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:43:02 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 906

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame F556 421 KB
94 KB 22ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:43:02 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884982.dop206.lo4.t,1580884982.cds212.lo4.hn,1580884982.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773442
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame F556 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506429
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F556 160 B
1017 B 29ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

808baf907a9210f0d0a150f7a2acf68d908800adb9e99a6159bf888653b415b0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:05 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.249:80
AN-X-Request-Uuid: 399ea992-7ce2-4ede-bccd-56075d18c29e
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F556 166 B
1 KB 32ms
32ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

6d20299d6e0bde2060fa9df0d1fb60f98d68dc823735192142c7ea35802409d9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:05 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.19:80
AN-X-Request-Uuid: 3d428457-f414-474f-9fc9-8ca2e368bee6
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame F556 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:03 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame F556 44 B
606 B 50ms
50ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22437be45c%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=437be45c-36bd-4e9b-8aa3-d7f6f915e74d&pv=437be45c-36bd-4e9b-8aa3-d7f6f915e74d&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

b44a922dbb5fecbb6f22dd883b0f857c60c7bf588d00aa78248b33ae2619dbba

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:03 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame F556 20 B
320 B 99ms
99ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=437be45c-36bd-4e9b-8aa3-d7f6f915e74d-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:03 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame F556 0
217 B 81ms
80ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=437be45c&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:43:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 86ms
85ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bd04f8af9d5d72a2e406c98ed8663bdf6737ff127014f8b645cd8fdda43a52f3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:43:03 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 902

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 6792 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:43:03 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884983.dop206.lo4.t,1580884983.cds212.lo4.hn,1580884983.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773441
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 6792 29 KB
8 KB 35ms
35ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506429
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6792 159 B
1015 B 28ms
27ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

facb2c0d1beaddf94d4dd8eeadc357a6b52b789ae215d6efcc17c64e3ae3e395

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:05 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.73:80
AN-X-Request-Uuid: 58591b66-d620-45ed-a8a8-f9695f2fde37
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6792 160 B
1016 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

10963f76a7b1a21f7d3bdc7c7ce66b2b2d63df1c00aa9bd01f8c6e636934dcba

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:05 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.43:80
AN-X-Request-Uuid: 4287e145-6034-4579-93e1-71f900851ea8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 6792 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:03 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 6792 44 B
606 B 63ms
62ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22cf7f73ec%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=cf7f73ec-4dd0-4fce-8f58-642ed4b5dfcb&pv=cf7f73ec-4dd0-4fce-8f58-642ed4b5dfcb&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

ad397e2fbe5d7c35a2b278467d449c0c6a104c274ac3e5e1504b61499b4a202e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:03 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 6792 20 B
320 B 109ms
109ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=cf7f73ec-4dd0-4fce-8f58-642ed4b5dfcb-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:03 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 6792 0
217 B 34ms
34ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=cf7f73ec&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:43:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 33ms
32ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 849047bc529a13271ebb73b8db095b3ded75e983c5b659ed5edcf29c0f3e1676

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:43:03 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 904

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 17DA 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:43:03 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884983.dop206.lo4.t,1580884983.cds212.lo4.hn,1580884983.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773441
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 17DA 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506429
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 17DA 166 B
1 KB 33ms
33ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

87dcf2799bdd5de7bfefe9717e0c57f51406128f081025c38f0e53a3e40ef505

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:05 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.237:80
AN-X-Request-Uuid: c2af9b4b-0227-4add-bac0-6f877820076d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 17DA 160 B
1016 B 28ms
28ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8b32913752310e7af403aaa9b6cd770729d324b6f70b0b1f3e5a1604071f73a2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:05 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.79:80
AN-X-Request-Uuid: 323de7f2-741f-4e64-be47-56ab6678691c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 17DA 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:03 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 17DA 44 B
606 B 68ms
68ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22f083755f%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=f083755f-fb9b-463d-87c0-3dae33db7719&pv=f083755f-fb9b-463d-87c0-3dae33db7719&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

0839b709d5ebf298e0a1e324454e8135c4ce269938705a46d108c00360bdb3d6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:03 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 17DA 20 B
320 B 104ms
104ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=f083755f-fb9b-463d-87c0-3dae33db7719-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:03 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 17DA 0
217 B 34ms
33ms XHR
text/plain 54.77.114.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=f083755f&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.114.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-114-180.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Wed, 05 Feb 2020 06:43:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 3C53 2 KB
1 KB 33ms
32ms XHR
application/xml 52.210.0.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.0.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-0-3.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3ab08ab6ef9155759a9e7686f7247fc7efea62e29db15ab31dc07b1b3ea087fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Wed, 05 Feb 2020 06:43:04 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 898

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame DC9C 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 06:43:04 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580884984.dop206.lo4.t,1580884984.cds212.lo4.hn,1580884984.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=773440
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame DC9C 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 30 Jan 2020 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506430
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: 4p+RahdC0QIUemmlULkEvkwNG+TyCn9jVVO/JGpSgnXfYgND43tCzPU3KmljvJUahOsFj9kDX4Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: A0C32E685044C85F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame DC9C 166 B
1 KB 37ms
37ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9bc0fc22cc15f103faf7f583ec884c371f38e549a7afc0855fe94e17c7cf86bb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:06 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.199:80
AN-X-Request-Uuid: 40abf17d-09e9-4ff2-8886-bbc056be7800
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame DC9C 160 B
1016 B 28ms
27ms XHR
application/json 185.33.223.221
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.221 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

5374a94e3d46444e9e01de3ad810b0ede056783b629fa1de12457062647a1b2f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:06 GMT
X-Proxy-Origin: 185.16.206.87; 185.16.206.87; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.48:80
AN-X-Request-Uuid: a823a3bf-2701-4433-9d59-4e98e558c249
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame DC9C 678 B
878 B 13ms
13ms XHR
text/plain 2a02:fa8:8806:12::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Feb 2020 06:43:04 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK trinity.json
apex.go.sonobi.com/ Frame DC9C 44 B
606 B 49ms
49ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%2230f686f7%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=30f686f7-bd83-4f8c-a60b-179158939d68&pv=30f686f7-bd83-4f8c-a60b-179158939d68&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 06:43:04 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET bc2
bc-rtb-dub.springserve.com/ Frame DC9C 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1416138b8073e2;misc=1580884972565;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=142a152df5e7ff7;misc=1580884972566;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=14420ccb8acc2f57;misc=1580884972566;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1455b13ed5840109;misc=1580884972566;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1478592d96420179;misc=1580884972566;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1483c39efaa74cc8;misc=1580884972566;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=14910e27f52922a8;misc=1580884972566;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=15031d0de3a16b15;misc=1580884972566;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1517ff698bd88528;misc=1580884972566;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1529fb2e1a329005;misc=1580884972566;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580884972;v=2;cmd=bid;cors=yes;alias=1406f559bf510977;misc=1580884972565

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=143d7ff262f2a42d;misc=1580884972566

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580884973;v=2;cmd=bid;cors=yes;alias=1466c91242e9c984;misc=1580884972566

Domain: bc-rtb-dub.springserve.com
URL: https://bc-rtb-dub.springserve.com/bc2?r=30f686f7-bd83-4f8c-a60b-179158939d68-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 07:08:05	Name: test_cookie Value: CheckForPermission
www.bleepingcomputer.com/	1970-01-19 15:53:40	Name: _pubcid Value: e6e7f62e-1e35-444b-812e-7ededc90f47b
www.bleepingcomputer.com/	1970-01-19 07:08:06	Name: fssts Value: false
.bleepingcomputer.com/	1970-01-19 07:09:31	Name: _gid Value: GA1.2.798169248.1580884972
www.bleepingcomputer.com/	1970-01-19 07:08:06	Name: _fssid Value: 85258f49-09a0-4aae-b59d-eceec08022bf
www.bleepingcomputer.com/	1969-12-31 23:59:59	Name: _cmpQcif3pcsupported Value: 1
www.bleepingcomputer.com/	1970-01-19 07:08:06	Name: __atuvs Value: 5e3a63ecce2ea5a6000
.bleepingcomputer.com/	1970-01-20 00:39:16	Name: _ga Value: GA1.2.1151093400.1580884972
www.bleepingcomputer.com/	1970-01-19 07:51:16	Name: lav Value: 7592
.bleepingcomputer.com/	1970-01-19 07:08:05	Name: _gat_gtag_UA_91740_1 Value: 1
.bleepingcomputer.com/	1969-12-31 23:59:59	Name: session_id Value: d6155ca050fa26ac090755b916440815
www.bleepingcomputer.com/	1970-01-19 16:35:26	Name: __atuvc Value: 1%7C6
.bleepingcomputer.com/	1970-01-19 07:51:16	Name: __cfduid Value: d13dda3b222b9da1b1c0ee6cd11e983a51580884971
www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data	1969-12-31 23:59:59	Name: fsbotchecked Value: true

33 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://quantcast.mgr.consensu.org/cmp.js(Line 1) Message: Dependency check failed for Publisher Purpose Legitimate Interest IDs: Publisher Purpose Legitimate Interest IDs must be an array containing only purpose IDs contained in the Publisher Purpose IDs array, the following purpose IDs will be ignored: 1, 4, 5
console-api	warning	URL: https://static.quantcast.mgr.consensu.org/v28/cmpui-popup.js(Line 1) Message: Unable to get NonIab Vendor list.
console-api	log	URL: https://freestar-io.videoplayerhub.com/gallery.js(Line 1) Message: Video gallery initializing
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020308.js?21065506(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	info	URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js(Line 409) Message: Powered by AMP ⚡ HTML – Version 2001251659540 https://www.bleepingcomputer.com/news/security/bitpylock-ransomware-now-threatens-to-publish-stolen-data/
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1883/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
apex.go.sonobi.com
api.quantcast.mgr.consensu.org
as-sec.casalemedia.com
audit.quantcast.mgr.consensu.org
bc-rtb-dub.springserve.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
cdn-ssl.vidible.tv
cdn.ampproject.org
cdn.connatix.com
cdn.districtm.io
cdns.connatix.com
ck.connatix.com
cluster-na.cdnjquery.com
confiant-integrations.global.ssl.fastly.net
core.connatix.com
cse.google.com
d.pub.network
dmx.districtm.io
eb2.3lift.com
ecdn.analysis.fi
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
googleads.g.doubleclick.net
graph.facebook.com
hbopenbid.pubmatic.com
i.connatix.com
ib.adnxs.com
ima3vpaid.appspot.com
imasdk.googleapis.com
pagead2.googlesyndication.com
prebid.pub.network
quantcast.mgr.consensu.org
s0.2mdn.net
s7.addthis.com
s9.addthis.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.quantcast.mgr.consensu.org
tlx.3lift.com
tpc.googlesyndication.com
trk.connatix.com
v1.addthisedge.com
vendorlist.consensu.org
vid-io.springserve.com
vid.springserve.com
vpaid.springserve.com
web.hb.ad.cpe.dotomi.com
www.bleepingcomputer.com
www.bleepstatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.reddit.com
z.moatads.com
adserver-us.adtech.advertising.com
bc-rtb-dub.springserve.com
104.108.39.228
104.16.68.69
104.20.59.209
104.26.13.6
13.35.253.101
13.35.253.19
143.204.214.55
143.204.214.78
151.101.113.140
151.101.113.194
151.101.114.217
151.101.14.217
152.199.22.24
172.217.18.102
178.162.133.150
185.33.223.221
185.64.189.112
2.18.232.130
2.18.233.180
2.18.234.21
2.18.235.40
212.71.236.117
216.58.206.2
23.210.248.44
23.37.55.184
2600:9000:2057:a600:9:46dc:4700:93a1
2600:9000:214f:3a00:1:af78:4c0:93a1
2600:9000:214f:b600:9:46dc:4700:93a1
2606:4700:20::681a:8b
2a00:1288:f03d:1fa::2000
2a00:1450:4001:806::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:814::200a
2a00:1450:4001:819::2002
2a00:1450:4001:819::2014
2a00:1450:4001:81a::2004
2a00:1450:4001:81b::200a
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::2006
2a00:1450:4001:820::2001
2a00:1450:4001:820::2002
2a00:1450:4001:821::200e
2a00:1450:4001:824::2008
2a02:fa8:8806:12::1430
2a03:2880:f02d:e:face:b00c:0:2
3.124.246.214
34.95.120.147
35.157.209.134
35.188.71.214
35.226.134.247
35.226.36.58
52.18.86.70
52.210.0.3
52.58.48.163
52.7.20.116
52.73.64.251
54.77.114.180
54.88.18.195
69.16.175.10
69.173.144.140
99.86.0.120
00fd7303db05c0bd3f4630adcfedf003a7a5ba793ea5b366b37fb050bd65df46
01c00d59c63921b2fe1e39ba741be020fd873448b7cd65507dd4caa7a557dfa9
0348ebc50609e1b177ae474cf3b89ba52cb787fb69846622f4ff4439246a59fb
03c278eb3fd7578e5c0679fd4a58d92d5b02bd761b58a6c93820693be421d165
047651738ffcbab4760d624dab988a3e8f8b9a8bcbf36eb5295c3f40ffd176e9
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
049bdb52f632b0487259d1e82cd82c3ffb27c6447cc614d3b1547c25fb4cff87
04b88735c69daae5e86481873badbbded840b81f84e0bdafca64ba94b820654d
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0531058edff2a70394b6468b716b3172d93481663c9ac6b881c0814d85e7fed4
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05714765d940424c8005ec32a0aa6fe52b0b05436da18ff0efe5847a3e405178
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
073889266b51eac5ce000a5741fa8a860c5f0634cc3cdb8fc755f02681f2c326
07a731ea7c6183470636c257c22fe9f7a2dc52c1d73edd7e102bf480a2ca2ee1
0839b709d5ebf298e0a1e324454e8135c4ce269938705a46d108c00360bdb3d6
0a4a66ae231d1717190f283c48a4690aaaa44987edff543a8f86b9f86ce980d9
0cb58a708b3022333682c3342c3b1799c1a6e6da19b4337e9d30f00cdab8390e
0d00e57a5404686a822a061615067f27580a1974546d76800855c0a339389ce8
0d5b798f848048a280599a03e053d592b9c14d1109975b3a5072943d36f26bf2
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0dc4f82d8f5e5e7caa58d672ed616a08b0260ed3b3947252a8a0154611349739
0f26954e59757f573c709bcabe82328c10ea5f250fe6a48082eaea2e116bbb8f
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
10963f76a7b1a21f7d3bdc7c7ce66b2b2d63df1c00aa9bd01f8c6e636934dcba
160383aa78318ce8e7357439aa544589ab30157f656057f4ea6d17a9a5a2390c
16df242b12d7f3a130752eb1963f2d4c49d04cfed0524fcb2f9171b2d33a6638
17b566fee6a22b34c730f8ff7cc8d6ef4737bbf9e1d7cb35d08ca534e7405783
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
19e1dbba639ba68ceb71cdada9621e11d0aec6edba410971f1937d6cc4935b32
1a7c4bbdcaa54d9421f412805072036e80fd44a0296df5d82dbd0cb681356a8b
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1d638035a9ae761ed3b296515af09858556c3432b2ce1a61c5a66ae09127bc8e
1dc5cab2d19c2255d7851398cca914cff92de1a7cad05dadb90ec79f1eb49775
1f72d209f3fa2e2da339c5afb0f4c815487c3e2f4e7145aba9160508ba343bda
1faa8052caa5d40e09a029a65751395a8348044b737e2725576aa0364f2b8621
2056d8cde546a77c2732250c33a7b6b9f5ee6060055ac9c1396681e6caabd5c6
20b1e7800492a0c3b70eca63dbc86e9e1ebabacca24f0d6bebfde46d431d2b66
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
233bc8bbbe0da8129c0fb7a777f1f188ce7004267154048a275a552d590fd9f6
236c1a24ff74b94646b557758f82ce4c270f9c32403743b59c709d94621a947a
242bd19622e5721a4f264838b018f582883fbc5dac05c31e441aca2a8f6e34e9
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
28e26856a0bfeddef1e97e52eec05855a743ca87aa71125ce2cac9d6dbc0b4b0
298bd03acab1a45642f159bd3043868e361ddef00e9d945a339fce8e1044ee53
2b4d021e3e5fedba2546a59a64d7662e086959d0406bfff4b51328366e375d0c
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2d5aaacbd800829604fad5254da7810a65c859e81fe510c6228c7215d26bfed7
2ea8f2eaa2b25b7b53f30a9c939e10249c35ac655901a7d7d319ead90590ef28
30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4
316dff88051acb72e38e5b5a71c2f68224c379ada2e6a76636d9c0b76602333e
31c5f23eed00b17fbdf9c4727ee54d379c54bb662fec0603736cb3abd6a371fd
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
32dc38472daec201b35d1ae304890299b0b58b4d95dacb7f0c0793505ab54a0d
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9
338ca2b2512fe0ed459e0e43f08aa6df987db32585d469120c8a341fcfc71eb1
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
383b2f9e9feceaf19e3ee47bf2817d73bbde77e37acb59c53a255ab9c3ac858c
38420ff3f9d6bf40fd3d76517029f57f39b302ded73975aad330eb0f93054b99
385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3
3ab08ab6ef9155759a9e7686f7247fc7efea62e29db15ab31dc07b1b3ea087fe
3b2f801040c3141d02a6844574cdf954b8a52932f18d718b3ec1a318654f52ec
3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382
3c231dc6f62bed2998ab8ac1e68eaaa1e334b9785401618c3490876a461e2355
3d9aeec86d802f5710d7cd90c0aaa75b4138ed3688d8c8dc79965e46175f3758
3deaccf0ec79bfb2bdec9aba4e68939c3327247acd044790838c30e3342eb293
41c733ab2ef13d5a5640e560b600bcd5aa4cec53cd49cceec33f3f5b81eb38f2
42d1ac8e8932308107f08e5ea68cfff75736c5be8de9f6b4445a14427a3986f5
43869e57b9339b03aecd3da7938097421e238ae9bdfd42a64035cc17c86399e0
43d59de3302abf78124803aded3755d4e518f0f6edf47c5a0f08aa31ab727751
4432a7dee9aa8523b42d8ec79f9332fe10e5cd0a04f9e8ce096eb23bdb99ddf3
472563f442310739fa0648c7157424b22055961c832c76457215d91bac432356
499b886485a66bb343b5e7030223272dd88ef68df294cc0839f41fb2d8abab10
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
4fdf28de0edea783d94d5d4690c902e21b10b9a05ea7433d32a3b0653c5a9104
50bd812525c0b8bd3d27581e8a46a0f1d0281bcdfdaae770eb8e3e3677e7e5cd
510c17f56352a57b970a9343b8379d4086078e1b22838444fcf9a9e6fff65ab5
5234edb4bf39a1ecd92c74c769fdd6fc3d0f736b6540079648deb11aa8e07254
5374a94e3d46444e9e01de3ad810b0ede056783b629fa1de12457062647a1b2f
539fdd365e7e94bacf839f9fd47197218b1caec86a7f661fe1882ad6c5f340d4
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
546a56e984470e076600da6826160e6965202c070f8b257bce8681ded8c0ec54
55621bcaa47fb879640be93615cae8f9769a69e779266784394c2b1e6cd968dd
58bbb83e2b56a932d2ae33f5b907e923a1f93a3cb0f37269d2f0f54f05e9b5d9
59b3d33f2fd94ea19425841c32e2fbfdfb82f3a8d7afabff60fc62737e918ac0
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5f62f1af63ddeab5428b58c39df7d97f0b03a50cc7e235bf9d943b1a4d108d15
5f9b7fb479ee6414ca859b61cad47943cfa2eb6a36e66910cc1f96bd97137c6b
604db8e904c21bbccea19d186d73e79d1b9466985f9a763af633ca55da348a56
62e13bbb50571414b06a8925afbd807d937e8ae6cfb1078d0c43d04f2524d9b9
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
65a5d6c87ba26d35e63c4652d4f93454937a863c35d6506a13165d0bba26a030
65e6427f490a96c4a8b363d5f70ce70cc29164e2753d3843d38be63ac5235c0a
67776f84608e00d1052477e44400d9e2113448e704a47c518257daeea6a73b66
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69178cc442b311d9764c39e66f8ecd32e7661f68133f9a0c3111f5901b4e990a
6be98913504e67a45275ad901ee77ce807e3feb3946ba25ecec7576702267cd9
6d20299d6e0bde2060fa9df0d1fb60f98d68dc823735192142c7ea35802409d9
6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
6fb1b32e2b7217c2a8474755cc33b051ff717f41403822bf621486ca33843c3b
6fd838613c8f124363a16b3eb9e7d8536000cba9f12e3b85dfabcb986431a336
71aa8b2bc282037f8ee3e4202eaa0371cf47c94a906f38e5409725de88e1275c
742dae59e81bdf2f4655716736336f1d9836b195e0a1e6db518e61d989e4b957
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
764c862d312159b49f8e6fd8b1944c16499713abe7236eb8b6b40f20cf1033fa
76617d27359d56f2da3764b159d51a3a03310a3bc26bf4196ef62a997253d4d9
7763540db9e1feaeed18a58580436814b9b407fe42c9a68fb1e5026fba499a47
78911a2468aed6b04950c5051918b04e90721565cfe8e5bb5595193ee3fd28ae
790ef9c8ef0ab01ca06084e9e348b8032087fec728b0d4f66e895cdb98812b74
7a79b9cd983ee519fc2c654c06c830fe8d48e5443846f3b4e4cfb7dfca838734
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7e683918cca4905e1bcd461a431bc03cab3cd9dd827737b0b4cae5e50a898c8b
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f
7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e
7ea360388f3f24329f6486f1edf1ea014d3ee57f160d5cfec848c59199cc34e1
7ef52af34aeee37e2e6433fdec511d86fe9f9ab816d0c6fc3b2fc5e419c438c2
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
808baf907a9210f0d0a150f7a2acf68d908800adb9e99a6159bf888653b415b0
823324e06944cd63de73c45e264316e0cdbd4893e6b284ff8fa16756487bb9a8
8258ab6dca6e481db10703021930ca8b0e484c50213ea4c42f8f01fd64e3e57d
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
82813170efb382b4326c46afaf06a1c3d543259ba2cf7019037c82e349f29416
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d9919b17a33544d8a0bf4aa2b5ee5d8c871ff26980b731a18bd6bfdb148615
83f3dd20974bddf04c347d583d900b5c5db7330de2c4a8ec335fbf1968d643e3
849047bc529a13271ebb73b8db095b3ded75e983c5b659ed5edcf29c0f3e1676
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
865744a5f5f5f1f50f74394c2cdc37fd8031a80825713defdfe947bf6aa15c14
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e
87dcf2799bdd5de7bfefe9717e0c57f51406128f081025c38f0e53a3e40ef505
896c2d6eaa02d38e0046f8696f4134e334969bbad3ef06bf34e507b3ae804ae9
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a094fdda0f38e6b999c193f4c0ba011ec139a0c9ad8e5b71e8ed19e85da10cd
8a56e644a617b2d1e4e7d808dfc334a7ea8622979f22999dc9eccd21c61958b3
8b2a0f1f28e439d402ee9cfc13203db8667a0c5dcfe53176268c0962f9ad82fe
8b32913752310e7af403aaa9b6cd770729d324b6f70b0b1f3e5a1604071f73a2
8d22038ed4ecaf5378bbaf0ee376fcc05ec9c407653b289a4a35ccd3795dc749
8d567b94ff0a5abc0e8b362ae6c5125000da3f2968aab01a7b576ab0fc04b29e
8e771d965ca2e23f7362e4fe9885f76422e5f4d8ef1bc3d2c78241f0b6a95865
9026327714c221a2327242263c15f0e2a10879a0447ffe99d7fa89bc1e54e806
925b4977b8e5263103c49b9ad9c271332ea8b6f0ec328bf8283355e823277c27
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
93b625a9d29ccdf9b8f762daf4244567d06b52c686bee24f9a7115babb43a2e9
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
9648b301ed4c48cf2fdd0fb932a1536c80881b0a73fb2852033b810c2ae1544c
96c4b756d9d5ea1acaa77c9f6b1eaa4f2a968a7d1cbe14467ab6c457360dc41f
993fe983eae8010796b30b795633ac9382931e226e46ccd6cd1009975f5cf693
9996a5e9d4e6496b4486b273b4426bc3f3ff6770f7487a92d1f4e6369bf9eb8a
9a0a4f6cbba43d4840689a7bcd59c99934b0973df6a9fe84964ec29e89365ba0
9acac909f5971910d3a4a788693a5db70d892d471e3157614a5688377d03da55
9b066d0248a97937517f6835e81b3a8ca7c88c4feb410ef5c22e460da1fa359a
9b1238fb3f1d10ff490d601f0d4e4eb3b4c67c4c453d99fbe5ddc548884ef750
9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a
9bc0fc22cc15f103faf7f583ec884c371f38e549a7afc0855fe94e17c7cf86bb
9bfdae8a7f1b28c90067c9e4d0da90e7232bbaab37879e022230201f7ebe4fb7
9c8a41d3139e8b0ac2749b2a99a627873a3568cef1ad0b6347785ae9b4e61f6a
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d9f4ce8e7af5088fb1f0c20f81143ec037d471f018cb3560548ba643aa85499
9f7a136c01a3a5bbf5e4e9dbd70ab0b455fb000c0e307321fe8ad62ee43be006
9f7ae7a1ffc30c0de9565613301e0ae16e65aad71a0c06c1406db84f6fb3161f
a0617f95e533c5920386b775b3f224772d8a14d8f1f7ac922090de95540c983f
a0943891cf9970c6b7a47f144cc250802fd0eb7ff24b20e9bc220de72d871afa
a0f777612ea7b46c165a34c5ebed45f8e8f9f326a11504212936d80d8f4ca931
a1d3db0f8a4ed4c8883dbf76e3a082da31a911f16fa9406ce4df0a2fd4750b07
a358646272b783a91f077df6fda256a397a2d305a0e490afbe419c0e1fcbd428
a5304028ef84989edbb9a0cad458ab6616181bbb2fee6a72226a837e4e9b276b
a5695670c47e42e96b333fadb347e9634da846b9540ff77f92fb126afc39b8d6
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460
ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7
ad397e2fbe5d7c35a2b278467d449c0c6a104c274ac3e5e1504b61499b4a202e
af51be685e6951f20171a4cb7fd87dcbfafd74f9150c0ef3ffea23701fe8d485
afb8f57edd730b241af9943ecf84adfe91f814bdb8178aa5b09bbe59e15b48ea
affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e
b009919acaecacce8a304a866a01568977ff436504070bb34b36bf36d25fd427
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad
b34a98012927189c9a7315f05e70ef018a49cfa59ccf5a6f52cb304d3e0f1d7c
b38fb1002925d5b725c7866014165ee55ed82a67c8616747d70927c9bf311d39
b44a922dbb5fecbb6f22dd883b0f857c60c7bf588d00aa78248b33ae2619dbba
b627dbccd42c79e0b9ef6063792f9b419b14026e4afaf62912166525dc115725
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad
b711ed99e4d9394550483e75df369cfa51f2426bbca12144a56496c0e8f11098
b72e0a72c904c4778da5bc265a7a43a115edbba2a443025a41a5b0346f3160c1
b7a961984e87badb1b00e3b944cc5a6572144923e7b7e8694d7f9acbd401f800
b904ffb8c1c8d5fae355025fea68ad24f3286c9c886673d82637dc394aa16ae5
b9939d34337d04df9c5c2fde06eb815a1bb548615bb0b991e18bb6eee2ef7114
b9a2c1df7348967f289fb304b6412bd540129c551d87490c79a80ddfc0908c28
b9c4ba16ee54290eacc77e0f35acb47382bccac5aaa3dbac3764dc577d20d0e5
ba90ceff83b908709eba06f36daddceac517cfcd2c7122286f384807332f8eef
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9c6e0d3ba42fa1dfa3ede5b994f28efbb1bb4a6867401d2805f996f4a6a3db
bce53a599149b16703e5c42526aeb8b4be9ba0ce0ba70d85a0efd71935d06252
bd04f8af9d5d72a2e406c98ed8663bdf6737ff127014f8b645cd8fdda43a52f3
bea18412ec0ecee810183062032f6d2fd90ef77ef34696dd5ee24d60d21c7f23
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e
bfe91a69b54109535e2a7fe6e14fbdd1953b1c74e12bafe5e527e21f15a01295
c0c5ec25d8cf7f413e82d6abab1282d59ced66ab55cd332be5ff2974c8eb658b
c153610e2fd2e320bebb482c403547f7c20eb612c03457d996f5073e9501cd91
c189e848b57944936f30261f51625f1f64b1ffa86759091c4072105a28783a59
c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae
c403ec750873692fe2bbdde0ae048cd3f0d27bf4a7b2ce6f8803dace59a7058c
c5486ad6e846ffba4d0f46a96d0cd9411a58d1dc36dc5255e84b0af4571be346
c55037d6a8b947691864242b7d468b1d39a2754999fec91cc4044d42ece8df6f
c5e22f80c6c51f1f64da7f9dea069b6f7e1b98a3c351a1517d2d1f6e898cf147
c6265788182730e69c40e24d29a7ef28046a82c2f25620bae0999ba621effad1
c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb
ca2feb2dba81bbc4faba7653f1482e9090f45ae6107860859e619a80e27a3cb4
cbe5469bee1bce08635072a4f30fa70181ab66daaee4b0beba1ff724a828a2a0
cd2efeab320e6bfa636c841ac8ff353a709fc88f127cd3b9cc43afb3a0558265
cd94e1f9f5f4061cfb35d8ddf9ea7dcf613463f59d4b995a5da3741894397c1a
cda09677337093b10da14ba0ecbed2ea647ecec1f327ff794a046e3a71083fd4
ce4e3142f95cc6893930f1bff83d8d010e227c5c93bcf3b621760f06930a3f5a
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
ceadb299930c2f5382777cae92a93b210b97b09617c54e55661164886da245cf
cf1091e08a0a0c7b7e407014d53bda0223573859d06351c958a1174479a77752
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d
d0f1bc34ba84c73f764d8f30a2c1264ed9a09f4c9634104121adc4fd8b028155
d2ab593292a3b7ef4d41acb39318e8fae69272ab64d5c3d02a3090700b95dacc
d2b9e393b09aa71a3492c956dde01ab685e4caa7cfaff9eb12120ffbe2bf7e43
d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a
d44b93a0af159f0d547d7ec89e9227a5667ce1171bc630e6fbf79dae0e596e2d
d4b42825a49f5b627303b25c29db732075fd5d173b3eb85288c90d391d5fb0e3
d4de3340bb36b00db883fad10e2c9a33ec4dc2ced3a873592028580630fca3f7
d64d14306420ee115cb14a769ddc4009aaa64bf168052c6dcaa64192b46571d1
d7f052b1fdb4bc3d71fa29b43c9e6c439ee942ad69aeee964cea5acd50285c45
d824e8f685670e2707dda500e8e7ac2c38623ea777ec7ae9efd3d9170ad7e7fd
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9bfcbf2b4d2980484119f6a6b4faa77b2cf0188f590cb1f3ecb582ae85bf134
dbc7fbff14ae6f4136d9fca336dc7f7822bf60b37322329b9ae7c0391809791d
dc0d3b44a4cbe769eca3a48f9470f911bf3f4e65f1650b2eecea7ed2942eada6
df2d7ff92ff939684b2b763d30c9c225b36bc5afec66cb18a61e2798ed8e42d3
e02bdfbe4981ea93b307d48edcbe810fd1705adc5a26c2e8a74ba5c19d758273
e0ce40d9210947694709fe19bbd60261edddae05cbb7417190bafe2ac9651f40
e1526b217dc025f9b80a47c34c16a3ede682e9447f849a97da12c223a99bda8d
e2ac1a98c46a1fef54412b0cd7bf1e986abd18de04ddc9d91ca647410939cfcd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42be32c128d0cdf254d581d402c443978a997702eb8a2ade20a2ad7d20ac9f6
e4ede63781e212e4e53b2111cde5e031ed40a5b6648efbf130d130af0772f123
e548c1ce78f73067beca7f7e2bb284f7a79a0e537c7ebb48266560290fcfbe66
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
e862f9054c5c3227ef21f89903cabef9ab111a1bc9ad139211865097eaaeea3b
e8710142786daa42e5e4d8639fdc8641e9511c360378269471b78f82f3eb7c50
e9d0fe4ffa3fac96558d954d11392e71ff8b87bf9f31343762340cba3f1daf0a
eb74d93727a4864faba2e852b7865c2af896029068903c809168fac6c64567c9
ebc363d111191a6e6e73b0455ecebab83647562808234e05a14bf4b5ead459b0
ec932bf41c76554cb255525146aa943c8dd221a827593865d85b229aa4abd1af
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
f15dda2281e4d883978051ed03739b079ffee0846a9e2f3010753b97a994318d
f1ef2c19f9f6c3081815808b31f010f38b350515151b599b02615f21b0080669
f247510f96940dd2381230eb6b21dbb6e5cafcf9a4e887dd5bf2d63806f604bf
f362739d8aade44edfe90d184bb90e515964abee6f1d44a86e5b456266676712
f3806fb935b8d5ae0b86528f78a003cbd1935a69785e0d6f8993ef63c5618f19
f3a6506e100053cd9f6fc054c722ce7dfbab8c7048771d2c40b1bcf96f359462
f3e5ba5912b8372fc0677ee3850409fab193ace36258decf465b25d27cb2832b
f42b09fcadb262225d0ec9a44d73c441c5450c65ce085f25811dc35743bc6d15
f5cdba6bb1017a33b997c878bf75a5e94a739ca875cc6b2c8c5defda158590fb
f5ce36ae0e000812c31a459da885c40b603ae2d3864aed0eb056f8af45224361
f6710e7c08ca903910969dd6adde9c5e6a47c0c2c81b5250004fa26ad2431160
f6e4828f0ce087987cbe8485e44abc8f830fa45355026b883ac4b436e83047d6
f7884d34a71b7b129a41ba26c8edfcad43164038950c97ee26c152f0a8099c18
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3
facb2c0d1beaddf94d4dd8eeadc357a6b52b789ae215d6efcc17c64e3ae3e395
fbb05540e9d6c82bbac5c6770c31eaa1d07ae0598e59fed5bd78cc61d4172f9e
fe146a0a0fdf1e8bbd7600a4da12624177b732a4496aea55e7c6dc01e4bcd394

www.bleepingcomputer.com Open in urlscan Pro 104.20.59.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

522 Requests

91 %HTTPS

34 %IPv6

42 Domains

70 Subdomains

62 IPs

7 Countries

5692 kBTransfer

19453 kBSize

14 Cookies

11 Outgoing links

Redirected requests

522 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bleepingcomputer.com Open in urlscan Pro
104.20.59.209 Public Scan

Screenshot
Live screenshot

Full Image

522
Requests

91 %
HTTPS

34 %
IPv6

42
Domains

70
Subdomains

62
IPs

7
Countries

5692 kB
Transfer

19453 kB
Size

14
Cookies

522 HTTP transactions
7 data transactions