urlscan.io logo urlscan.io
SecurityTrails logo

www.redpacketsecurity.com Open in urlscan Pro
2606:4700:20::681a:35b  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Submission: On November 14 via api from IN — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 1 countries across 10 domains to perform 72 HTTP transactions. The main IP is 2606:4700:20::681a:35b, located in United States and belongs to . The main domain is www.redpacketsecurity.com.
TLS certificate: Issued by WE1 on October 11th 2024. Valid for: 3 months.
This is the only time www.redpacketsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    2606:4700:20::681a:35b (United States)

ASN- ()
www.redpacketsecurity.com
1    2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
5    142.250.72.106 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f10.1e100.net
fonts.googleapis.com
20    172.67.72.16 (United States)

ASN- ()
www.redpacketsecurity.com
8    142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
pagead2.googlesyndication.com
1    2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.65.162 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
www.googleadservices.com
4    142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net
googleads.g.doubleclick.net
5    142.251.32.100 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f4.1e100.net
www.google.com
1    142.251.40.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
ep1.adtrafficquality.google
2    2607:f8b0:4006:80c::2001 (United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
3    2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    142.250.65.163 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f3.1e100.net
fonts.gstatic.com
1    142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
partner.googleadservices.com
1    2607:f8b0:4006:80d::200e (United States)

ASN15169 (GOOGLE, US)
syndicatedsearch.goog
8    142.251.41.14 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f14.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
30 redpacketsecurity.com
www.redpacketsecurity.com
745 KB
16 google.com
www.google.com — Cisco Umbrella Rank: 4
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 684
126 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 127
248 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 55
3 KB
5 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
609 B
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 530
ep2.adtrafficquality.google — Cisco Umbrella Rank: 539
19 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 110
partner.googleadservices.com — Cisco Umbrella Rank: 5697
292 B
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 743
14 KB
1 syndicatedsearch.goog
syndicatedsearch.goog — Cisco Umbrella Rank: 4036
1 gstatic.com
fonts.gstatic.com
16 KB
72 10
Domain Requested by
30 www.redpacketsecurity.com 1 redirects www.redpacketsecurity.com
static.cloudflareinsights.com
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
8 pagead2.googlesyndication.com www.redpacketsecurity.com
pagead2.googlesyndication.com
6 fonts.googleapis.com www.redpacketsecurity.com
pagead2.googlesyndication.com
5 www.google.com www.redpacketsecurity.com
pagead2.googlesyndication.com
ep2.adtrafficquality.google
4 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 static.cloudflareinsights.com www.redpacketsecurity.com
1 syndicatedsearch.goog www.google.com
1 partner.googleadservices.com www.google.com
1 fonts.gstatic.com fonts.googleapis.com
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 www.googleadservices.com 1 redirects
1 stats.g.doubleclick.net www.redpacketsecurity.com
72 14
Subject Issuer Validity Valid
redpacketsecurity.com
WE1		 2024-10-11 -
2025-01-09		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
adtrafficquality.google
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.googleadservices.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
syndicatedsearch.goog
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Frame ID: 9F630DA39C4A3B240DFB0572E22618A1
Requests: 65 HTTP requests in this frame

Frame: https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 556F585DC289A463B8D2FF2B7123C08D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241112/r20190131/zrt_lookup_fy2021.html
Frame ID: 68846601EE670BA93A9630D26C4B6576
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731580857&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x540_l%7C260x540_r&format=0x0&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fransomhub-ransomware-victim-metroelectric-com%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731580859030&bpp=3&bdt=1549&idt=909&shv=r20241112&mjsv=m202411110101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6868640099894&frm=20&pv=2&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088128%2C42531705%2C95333409%2C95344189%2C31088893%2C95335245%2C95345967&oid=2&pvsid=2232762060602991&tmod=1838011631&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1120%2C1120%2C1120%2C1120%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=937
Frame ID: C1853AB889F9106C7CB455F5BA64C925
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: AEC7B1CC84A331E5F237D0446CAD39B5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 09DE7F2BDA2879EFBA9F4D7DB6724485
Requests: 1 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-cd7b736e693ab26be&fexp=44759876%2C44759927%2C31088128%2C42531705%2C95333409%2C95344189%2C31088893%2C95335245%2C95345967%2C0%2C21404%2C17301437%2C17301438%2C17301442%2C17301542%2C17301266%2C72717108%2C49280903%2C72771954&client=pub-1536334219562771&r=m&hl=en&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&format=r5&nocache=7241731580861129&num=0&output=afd_ads&domain_name=www.redpacketsecurity.com&v=3&bsl=10&pac=0&u_his=1&u_tz=-600&dt=1731580861130&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=3010&frm=0&uio=-&cont=autors-container-0&drt=0&jsid=csa&nfp=1&jsv=691096265&rurl=https%3A%2F%2Fwww.redpacketsecurity.com%2Fransomhub-ransomware-victim-metroelectric-com%2F
Frame ID: FF4A4683FA2AFDA5D0F68EEDC95EB190
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

[RANSOMHUB] - Ransomware Victim: metroelectric[.]com - RedPacket Security

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

72
Requests

93 %
HTTPS

41 %
IPv6

10
Domains

14
Subdomains

17
IPs

1
Countries

1171 kB
Transfer

2509 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://www.googleadservices.com/pagead/conversion/4209956877/?guid=ON&rnd=1731581492523&fst=1731580858693&cv=9&sendb=1&num=1&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fransomhub-ransomware-victim-metroelectric-com%2F&tiba=%5BRANSOMHUB%5D+-+Ransomware+Victim%3A+metroelectric%5B.%5Dcom+-+RedPacket+Security&u_tz=-600&u_his=10&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&ig=1 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/4209956877/?guid=ON&rnd=1731581492523&fst=1731580858693&cv=9&sendb=1&num=1&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fransomhub-ransomware-victim-metroelectric-com%2F&tiba=%5BRANSOMHUB%5D+-+Ransomware+Victim%3A+metroelectric%5B.%5Dcom+-+RedPacket+Security&u_tz=-600&u_his=10&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&ig=1&ct_cookie_present=false&random=1664632895&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQII6saxAgiixbECCNPFsQI&pscrd=IhMI9qL_r9HbiQMV3RCICR3BVy7bMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggS HTTP 302
  • https://www.google.com/pagead/1p-conversion/4209956877/?guid=ON&rnd=1731581492523&fst=1731580858693&cv=9&sendb=1&num=1&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fransomhub-ransomware-victim-metroelectric-com%2F&tiba=%5BRANSOMHUB%5D+-+Ransomware+Victim%3A+metroelectric%5B.%5Dcom+-+RedPacket+Security&u_tz=-600&u_his=10&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&ig=1&ct_cookie_present=false&random=1664632895&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQII6saxAgiixbECCNPFsQI&pscrd=IhMI9qL_r9HbiQMV3RCICR3BVy7bMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggS&is_vtc=1&cid=CAQSGwCa7L7dEAVRQRsF7QGXdjdi1QRufY4sPwLSIA&random=2107939045
Request Chain 28
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/4209956877/?guid=ON&rnd=1731581492523&fst=1731580858693&cv=9&sendb=1&num=1&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fransomhub-ransomware-victim-metroelectric-com%2F&tiba=%5BRANSOMHUB%5D+-+Ransomware+Victim%3A+metroelectric%5B.%5Dcom+-+RedPacket+Security&u_tz=-600&u_his=10&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&ig=1 HTTP 302
  • https://www.google.com/pagead/1p-user-list/4209956877/?guid=ON&rnd=1731581492523&fst=1731578400000&cv=9&sendb=1&num=1&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fransomhub-ransomware-victim-metroelectric-com%2F&tiba=%5BRANSOMHUB%5D+-+Ransomware+Victim%3A+metroelectric%5B.%5Dcom+-+RedPacket+Security&u_tz=-600&u_his=10&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&ig=1&is_vtc=1&cid=CAQSGwCa7L7d9ze95xfIRVSt8SgV3ddb8KZv0hokGQ&random=1514721922
Request Chain 34
  • https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/ 		86 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:35b , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2cfdbcdfed181a9468ab17ded5c79f8705155dd83888f74a968e7b852ece0ae2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-apo-via
origin,miss
cf-cache-status
EXPIRED
cf-edge-cache
cache,platform=wordpress
cf-ray
8e2662e3cf970ff3-LAX
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 14 Nov 2024 10:40:57 GMT
expect-ct
max-age=86400, enforce
last-modified
Thu, 14 Nov 2024 10:40:57 GMT
link
<https://www.redpacketsecurity.com/wp-json/>; rel="https://api.w.org/", <https://www.redpacketsecurity.com/wp-json/wp/v2/posts/124059>; rel="alternate"; title="JSON"; type="application/json", <https://www.redpacketsecurity.com/?p=124059>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jXIEniYOeIzkKl9Y7vFclNmTzHyVprLWLBbzpDLD7tggVeu7NAalNg1D1LHp4FdzZVmhtmQ%2BvQMMo6yKeG4dVW6BEa5uZZIsvmMoA%2F%2FeDlJKL4%2FwqK34twdXJVDWU0IatY392in9d7aKjoVgTXafaHDFt%2FucNZw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="EXPIRED" cfL4;desc="?proto=TCP&rtt=75889&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4014&recv_bytes=2368&delivery_rate=54771&cwnd=254&unsent_bytes=0&cid=c83bfaa8c59a06bf&ts=573&x=0"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
rocket-loader.min.js
www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:35b , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"672e2372-302c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qHGhBysNH2Z3FNfXbNqF6KsfFPF0cjOFbonVEEMl6Oez6ZAgZJD2KwhDTwkBc5BkyM2Go3gEqdwlHwwNZ5kARgkaXA3pKEr90vx8k6D3DAZzo7LackD86zcoz%2BfR4Tls4BjrD6GWvm0xzMQzJzazW7molHjftTM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e2662e78b180ff3-LAX
expires
Sat, 16 Nov 2024 10:40:57 GMT
date
Thu, 14 Nov 2024 10:40:57 GMT
content-type
application/javascript
last-modified
Fri, 08 Nov 2024 14:42:58 GMT
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/ 		2 KB
888 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source%2BSans%2BPro%3A400%2C700%7CLato%3A400%2C700&subset=latin&display=swap
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e388f482ee4fb32303c41e0e933c56267853b899fd928c7278e5b9949ba0ac38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.redpacketsecurity.com
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 10:40:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:40:57 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 14 Nov 2024 10:19:52 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style.min.css
www.redpacketsecurity.com/wp-includes/css/dist/block-library/ 		110 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-includes/css/dist/block-library/style.min.css?ver=3ab9f8803b1a723323f26085ec19fd07
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:35b , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"1b72b-621cfc75d6ec0-gzip"
age
697
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pWez1f48jOt0XumvCNVRiQgqNhUBMwKtWvL7OTqH9KGrE1xlWYwKnpSAKXI9agjKR8kniccvME%2F0XYyNukAQnyae%2FgvqL6kjiQZNlo3e%2Fqf7NFUVFUyXyQmeGsg9eGmjWzy3qrWZrqDr5LFnHSLntK%2BM05jLQ8A%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=71326&sent=46&recv=39&lost=0&retrans=0&sent_bytes=30789&recv_bytes=3466&delivery_rate=359937&cwnd=257&unsent_bytes=0&cid=c83bfaa8c59a06bf&ts=700&x=0"
date
Thu, 14 Nov 2024 10:40:57 GMT
content-type
text/css
last-modified
Wed, 11 Sep 2024 03:42:27 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662e78b130ff3-LAX
x-xss-protection
1; mode=block
server
cloudflare
front.min.css
www.redpacketsecurity.com/wp-content/plugins/cookie-notice/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=2.4.18
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:35b , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
029dedf319bc4536d9c663ae9c0b10c95d1e9f5dd1de0aa73172e9e89ae254cc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"13c8-61fa2ae32ed00-gzip"
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FhbCaIJaHvhY77bA%2B%2BxVydLU7iEeOZkXHp0wmT%2BJ5cPmZZSVUd7QgfbGH7Ou8tWxYwRKL0ojZBEN3Y8hnwKBnEO6fTwUL9hJDZsCWPFLidcNlxDkTcYV62WBLyyEulDe7yirR4lwUErAX92cEZmLSJCj35tRb4k%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=72668&sent=494&recv=113&lost=0&retrans=0&sent_bytes=586111&recv_bytes=3466&delivery_rate=1858975&cwnd=283&unsent_bytes=64850&cid=c83bfaa8c59a06bf&ts=914&x=0"
date
Thu, 14 Nov 2024 10:40:57 GMT
content-type
text/css
last-modified
Wed, 14 Aug 2024 11:03:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662e78b150ff3-LAX
x-xss-protection
1; mode=block
server
cloudflare
app.css
www.redpacketsecurity.com/wp-content/plugins/patreon-connect/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/patreon-connect/assets/css/app.css?ver=3ab9f8803b1a723323f26085ec19fd07
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:35b , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7a049f0c9709c89fd23a27e5e2246fbbb0dd2ab2f0db074ab08a125bd816c7f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"bd4-62306184dbcf5-gzip"
age
697
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1aCxVmZgyeqSmTwLtcYRXZsEsD9X6ElurM16UonUNtSLfl6c3emzPavcTaCPh4R0CL5jpXu2F7uKTbcVpZGgeALwNewn2K616ejc6RzPO3X3f8SaCV2uiTfYdoXl%2Bi0MVkiUCvbLo1hXcFj2G9KNCT81bRMRfxg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=71326&sent=43&recv=39&lost=0&retrans=0&sent_bytes=29264&recv_bytes=3466&delivery_rate=359937&cwnd=257&unsent_bytes=0&cid=c83bfaa8c59a06bf&ts=698&x=0"
date
Thu, 14 Nov 2024 10:40:57 GMT
content-type
text/css
last-modified
Thu, 26 Sep 2024 13:55:44 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662e78b160ff3-LAX
x-xss-protection
1; mode=block
server
cloudflare
style.css
www.redpacketsecurity.com/wp-content/themes/covernews/ 		228 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-content/themes/covernews/style.css?ver=3ab9f8803b1a723323f26085ec19fd07
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:35b , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
275bd9011228dc44aed57534d440a8797492cad27602218520bfa59b9499ce19
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"390a2-6269e86835d10-gzip"
age
697
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yBR914%2B%2F1Mati6wykSoVRpsFND%2Fe3RvKv3v8U1zpg1%2B3M6Lb2HVQhGevc0UlP%2BfiPjR8GFkzc0Ft1RHoUdKmIjO%2BR%2BUJP%2BHXkTDMh1Zz6ZxW5qCtx%2Bw11LkYxWhdVJ4D9%2BcG6qdJaOWrdK2cPFzPLS%2BDJNBUBkI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=71326&sent=103&recv=39&lost=0&retrans=0&sent_bytes=89001&recv_bytes=3466&delivery_rate=359937&cwnd=257&unsent_bytes=32425&cid=c83bfaa8c59a06bf&ts=711&x=0"
date
Thu, 14 Nov 2024 10:40:57 GMT
content-type
text/css
last-modified
Mon, 11 Nov 2024 08:02:43 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662e78b170ff3-LAX
x-xss-protection
1; mode=block
server
cloudflare
style.css
www.redpacketsecurity.com/wp-content/themes/covernews-child/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-content/themes/covernews-child/style.css?ver=1.0.0
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:35b , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
9940afeb532d9c4fdd229e4f5789c028d0e7f990f03e15468d8077ff91dace00
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"9ed-60bd553cac080-gzip"
age
697
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCmln9K%2Fe%2F5yFHGgN%2FI5ix8G39tiuu2PVDbNO8Xj2mgSaDPKYU94Q3DqLOQHlcgK%2FNsWFckmr4koQArOrHr6mp0LP4BP9EYdopOu26nvpq1AxVxfM9oJXHa3wlT6wt8heFWThXLhppgXtqa1nC4YICzAGL8K2qI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=71326&sent=64&recv=39&lost=0&retrans=0&sent_bytes=48053&recv_bytes=3466&delivery_rate=359937&cwnd=257&unsent_bytes=0&cid=c83bfaa8c59a06bf&ts=702&x=0"
date
Thu, 14 Nov 2024 10:40:57 GMT
content-type
text/css
last-modified
Wed, 06 Dec 2023 11:05:22 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662e78b1a0ff3-LAX
x-xss-protection
1; mode=block
server
cloudflare
style.css
www.redpacketsecurity.com/wp-content/themes/covernews/assets/icons/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-content/themes/covernews/assets/icons/style.css?ver=3ab9f8803b1a723323f26085ec19fd07
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:35b , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
76c24169d0d6a2dd9a7298db5b29d80fdd6cdc612791082964b5f5f7ac3a96de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"159c-6269e86831e8f-gzip"
age
697
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xZ3y7DPWF5YA9aIIiCAYvKN0qt5KKqv1Pdti2ccN8o7sJECRPZLf%2F77vtkrprjz5yPYhXXfsyBUMOa4VXMuxQoc2ftVZVUMgY2QvCB7fli8IIb2FdoiIJsOIhThtUdwJCBMrM2SJicdQHBNEwLCnDQR8Z233lsQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=71326&sent=67&recv=39&lost=0&retrans=0&sent_bytes=49587&recv_bytes=3466&delivery_rate=359937&cwnd=257&unsent_bytes=0&cid=c83bfaa8c59a06bf&ts=703&x=0"
date
Thu, 14 Nov 2024 10:40:57 GMT
content-type
text/css
last-modified
Mon, 11 Nov 2024 08:02:43 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662e78b1b0ff3-LAX
x-xss-protection
1; mode=block
server
cloudflare
bootstrap.min.css
www.redpacketsecurity.com/wp-content/themes/covernews/assets/bootstrap/css/ 		118 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-content/themes/covernews/assets/bootstrap/css/bootstrap.min.css?ver=3ab9f8803b1a723323f26085ec19fd07
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:35b , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ebf968e400976b579ea9dcff5f0bc247a2b2371f9ce49c3b5829da4b7179f4f9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"1d988-6269e86830eef-gzip"
age
697
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gIuEtGbLF8J5PgKMft63NoynLZ34DLnGuY9ZoaAYPNWB8IQCOL2In%2FY16CsuSgVwr%2B%2BH10hZrv7RcgnOTclurjNTWIftwbngN7eIKF49WBI2ulNwlKUK9II3kkYXecKYwlX2%2FFZJUFwSglLtRETi%2Fq37kt3%2FJeM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=71326&sent=103&recv=39&lost=0&retrans=0&sent_bytes=89001&recv_bytes=3466&delivery_rate=359937&cwnd=257&unsent_bytes=32425&cid=c83bfaa8c59a06bf&ts=708&x=0"
date
Thu, 14 Nov 2024 10:40:57 GMT
content-type
text/css
last-modified
Mon, 11 Nov 2024 08:02:43 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662e78b1d0ff3-LAX
x-xss-protection
1; mode=block
server
cloudflare
image.png
www.redpacketsecurity.com/wp-content/uploads/2024/09/ 		523 KB
524 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.redpacketsecurity.com/wp-content/uploads/2024/09/image.png
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:35b , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b24424c88b7542b07d8e0afba936c5234b6b89fc19073cba1667a3c2891b28e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"136c4d-62263cd2318c0"
age
697
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AJOrqnu0xYNctNPHPqRBKGx%2FSYNW45DbUgkDrTSx2rdlTsj19j7oEGiM7s2QqKk3h3OSFzPIANLeQPJ9E8MpFdtlFFQtQ6ROnKeSD51R%2Fpu7J7DSyJQfDqa2PNgtPIySjvW1ueko4x0v6k%2FWdbihXO6G%2Fnx%2Fznc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=1272909
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=71326&sent=71&recv=39&lost=0&retrans=0&sent_bytes=51686&recv_bytes=3466&delivery_rate=359937&cwnd=257&unsent_bytes=0&cid=c83bfaa8c59a06bf&ts=707&x=0"
date
Thu, 14 Nov 2024 10:40:57 GMT
content-type
image/webp
content-disposition
inline; filename="image.webp"
vary
Accept
last-modified
Wed, 18 Sep 2024 12:18:19 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662e78b1e0ff3-LAX
accept-ranges
bytes
content-length
535548
x-xss-protection
1; mode=block
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.redpacketsecurity.com
Referer

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8e2662eb38ed6a2d-LAX
access-control-allow-origin
*
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/ 		2 KB
444 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source%2BSans%2BPro%3A400%2C700%7CLato%3A400%2C700&subset=latin&display=swap
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.106 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f10.1e100.net
Software
ESF /
Resource Hash
e388f482ee4fb32303c41e0e933c56267853b899fd928c7278e5b9949ba0ac38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 10:40:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 14 Nov 2024 08:46:30 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
aft-icons.ttf
www.redpacketsecurity.com/wp-content/themes/covernews/assets/icons/fonts/ 		19 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-content/themes/covernews/assets/icons/fonts/aft-icons.ttf?kiv2u2
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/wp-content/themes/covernews/assets/icons/style.css?ver=3ab9f8803b1a723323f26085ec19fd07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f498f4de89f8c27d4d56f4d8dd0988da262875d8e4f1fa71bdf2a391b9050523
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.redpacketsecurity.com
Referer
https://www.redpacketsecurity.com/wp-content/themes/covernews/assets/icons/style.css?ver=3ab9f8803b1a723323f26085ec19fd07

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"4b48-6269e86831e8f"
age
698
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8KdW3dagRxkzLXEVGA9HB1HnTAkTIxBJ3Sbj74Ss5XwVf7dwdXQEq%2FKu9Ha0ykcymsUNg3w8%2BTMrSQQGHAbrPp4Ts6JTfASfOGDa5Hp5rHuYywokmEMJymCIfgYKUs7WLso7BNjUoEOVpIc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=71063&sent=15&recv=19&lost=0&retrans=0&sent_bytes=4348&recv_bytes=7892&delivery_rate=289&cwnd=12000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=937&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
font/ttf
last-modified
Mon, 11 Nov 2024 08:02:43 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662ed395f7ebd-LAX
x-xss-protection
1; mode=block
server
cloudflare
smush-lazy-load.min.js
www.redpacketsecurity.com/wp-content/plugins/wp-smushit/app/assets/js/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.16.6
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
807419d5f60f78d0c2d04b0bf5e3f80410fe7ffaa2bfee30646e4c6f47838b4f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"2016-61eb23a562500-gzip"
age
697
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ci9LUGeDBT35KO5SkUW%2Fubmca6uTMCO6fIjuttf6D2AeHIGjiLYmL8Zoy4l4aPlEfnBlhUKCA0rbW8gS1vHzOySpgAOaDYu2vPun94kFdYrqfBPqm6w4kysC%2FD56pVSL4H8GULhcx%2FPaWC4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=71063&sent=26&recv=19&lost=0&retrans=0&sent_bytes=16348&recv_bytes=7892&delivery_rate=289&cwnd=12000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=941&x=1", cfHdrFlush;dur=68
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
text/javascript
last-modified
Fri, 02 Aug 2024 12:11:32 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662ed49637ebd-LAX
x-xss-protection
1; mode=block
server
cloudflare
script.js
www.redpacketsecurity.com/wp-content/themes/covernews/assets/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-content/themes/covernews/assets/script.js?ver=1.0.0
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aee7eb9a8ea96df02619daa88489e52e4949694422a9be92d220cc10ccfc5cd6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"4634-6269e86832277-gzip"
age
697
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NCYuyiZjazRlXui2HahW004u3Y8HfO1wEDpiazW7iher6f%2Ftz4hiBhXZ80QfVPPjKDQ894RFPaT0KxHMyZYZhQsu%2F8w%2BBgAoYGo3HtCHzbEMWdhxRMaEAHGLwZIho46jXIQBaLVmOafs9rE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=71063&sent=26&recv=19&lost=0&retrans=0&sent_bytes=16348&recv_bytes=7892&delivery_rate=289&cwnd=12000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=945&x=1", cfHdrFlush;dur=64
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
text/javascript
last-modified
Mon, 11 Nov 2024 08:02:43 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662ed49677ebd-LAX
x-xss-protection
1; mode=block
server
cloudflare
jquery.matchHeight.min.js
www.redpacketsecurity.com/wp-content/themes/covernews/assets/jquery-match-height/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-content/themes/covernews/assets/jquery-match-height/jquery.matchHeight.min.js?ver=1.0.0
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"d34-6269e86832277-gzip"
age
697
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ra7b4ufx9tu5RjfcyFWFIkMMsUffnCtDg63uPsghGJRmDsA%2B6XVOUiFy5hLe6FIfYP65nxNBLa3%2B80KxKCJXnFayetnxxydb4XPHeB6hd71h3IRFXeXPqt6FC0qqq9zno5CCHt5VFTzyoLo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=71063&sent=26&recv=19&lost=0&retrans=0&sent_bytes=16348&recv_bytes=7892&delivery_rate=289&cwnd=12000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=944&x=1", cfHdrFlush;dur=65
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
text/javascript
last-modified
Mon, 11 Nov 2024 08:02:43 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662ed49697ebd-LAX
x-xss-protection
1; mode=block
server
cloudflare
skip-link-focus-fix.js
www.redpacketsecurity.com/wp-content/themes/covernews/js/ 		685 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-content/themes/covernews/js/skip-link-focus-fix.js?ver=1.0.0
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"2ad-6269e868345a0-gzip"
age
698
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9CBKmdr0QTD8uydwDYPJF6Q5dDbzJ4%2BsJgaXumpewT9qXHe%2BuhtwZjGlSdP7%2FhsllWeY9kGRtSgkPufiiXL%2BQyisDQkHtQC0v5ycINi3nyaBubZpoDuveWpkBfcSFf7Ldry6uwFet0LXjI0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=71063&sent=26&recv=19&lost=0&retrans=0&sent_bytes=16348&recv_bytes=7892&delivery_rate=289&cwnd=12000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=952&x=1", cfHdrFlush;dur=57
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
text/javascript
last-modified
Mon, 11 Nov 2024 08:02:43 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662ed496c7ebd-LAX
x-xss-protection
1; mode=block
server
cloudflare
navigation.js
www.redpacketsecurity.com/wp-content/themes/covernews/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-content/themes/covernews/js/navigation.js?ver=1.0.0
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"b97-6269e868345a0-gzip"
age
697
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ut7YzouLZscAvFT6Kr6kWoeVrvNBi1pAylb5YKJtdbe4U%2F7skonFIX4mtJX0bGJ9zKMVNViQAiNAlfVmf9McO39hHigWCTdfHfbCYTfoJE22wNjfBM1ltkaXAWy7nuZEAAyvdXl19cynLmc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=71063&sent=26&recv=19&lost=0&retrans=0&sent_bytes=16348&recv_bytes=7892&delivery_rate=289&cwnd=12000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=945&x=1", cfHdrFlush;dur=64
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
text/javascript
last-modified
Mon, 11 Nov 2024 08:02:43 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662ed496d7ebd-LAX
x-xss-protection
1; mode=block
server
cloudflare
app.js
www.redpacketsecurity.com/wp-content/plugins/patreon-connect/assets/js/ 		354 B
972 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/patreon-connect/assets/js/app.js?ver=3ab9f8803b1a723323f26085ec19fd07
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a44fc800e479a071294416020b12e437693806d0055593771b956a724e644f33
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"162-62306184de01e-gzip"
age
697
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=phT1W20DRKrpXlxWGQHivY19JRL9K%2FoiUwbWZm69MQ0a6gvB233YBQ9me1K5GngT2T5HSBbJPMZlrbq%2FMlrX4C4tedd%2FvFOJuGqTbu%2F8uPADng95jbZqAnyVPTMaBxdiTjjl7cgtiszu5hQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=71063&sent=26&recv=19&lost=0&retrans=0&sent_bytes=16348&recv_bytes=7892&delivery_rate=289&cwnd=12000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=944&x=1", cfHdrFlush;dur=65
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
text/javascript
last-modified
Thu, 26 Sep 2024 13:55:44 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662ed496e7ebd-LAX
x-xss-protection
1; mode=block
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		157 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1536334219562771
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
5ee64eda21580e5aa5aae9b0b7e69a5fc15eaa75a3d9200c9a1ae7a1dfc36cac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.redpacketsecurity.com
Referer

Response headers

content-encoding
br
etag
6603416453244209727
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 10:40:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53443
x-xss-protection
0
server
cafe
beacon.min.js
static.cloudflareinsights.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8e2662ee2c450fd0-LAX
access-control-allow-origin
*
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
jquery-migrate.min.js
www.redpacketsecurity.com/wp-includes/js/jquery/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"3509-60277bea349c0-gzip"
age
697
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7yej3vv%2B3iX5bIbnrU2bvFxPgH%2FlZ3YDxephJsMjU1RPbwZO6zVdiMS%2FDFy2KdG4y4E9i2jY78FX5I%2Fh6i5hroZ%2F7dGmuDdEpQOPBPqf8DkwHM1Qk4%2FVBtIWScrNUyz8qkkFxQ03PASpBUw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=71063&sent=26&recv=19&lost=0&retrans=0&sent_bytes=16348&recv_bytes=7892&delivery_rate=289&cwnd=12000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=944&x=1", cfHdrFlush;dur=65
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
text/javascript
last-modified
Wed, 09 Aug 2023 06:39:43 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662ed496f7ebd-LAX
x-xss-protection
1; mode=block
server
cloudflare
jquery.min.js
www.redpacketsecurity.com/wp-includes/js/jquery/ 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"15601-609a02c4e24c0-gzip"
age
697
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RiUuz2zYh29VFx8omI61c1zd8IpsW5rLBzuzWyyxUvtiT5zJ3nKmhtX9RqgHBlGLydst3xML97gDP4pZugz%2FtfimVllMFrwvzLuWUm3YLhEPb90xEs2iCRODjScKgARAPw%2BZp%2BBlKgPEyNQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=71063&sent=26&recv=19&lost=0&retrans=0&sent_bytes=16348&recv_bytes=7892&delivery_rate=289&cwnd=12000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=944&x=1", cfHdrFlush;dur=65
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
text/javascript
last-modified
Wed, 08 Nov 2023 08:50:03 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662ed49707ebd-LAX
x-xss-protection
1; mode=block
server
cloudflare
front.min.js
www.redpacketsecurity.com/wp-content/plugins/cookie-notice/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.18
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"21fc-61fa2ae32ed00-gzip"
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j6BfcKx6LK1VoSC2dM%2BI6jDUgmfaweE5zP4DPn99CSASFdSJGwPkIVCYvCeLq6InQCcfDknkGeldvX2dSamezaEDabMzNSdNaOdEolZb8ne0m%2BJ6WrDfq7JX2fYddKapnYeHbMhoBRejG4o%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=72967&sent=82&recv=53&lost=0&retrans=0&sent_bytes=72364&recv_bytes=10116&delivery_rate=522445&cwnd=42000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=1165&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
text/javascript
last-modified
Wed, 14 Aug 2024 11:03:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662ed49717ebd-LAX
x-xss-protection
1; mode=block
server
cloudflare
s.js
www.redpacketsecurity.com/cdn-cgi/zaraz/ 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyJTVCUkFOU09NSFVCJTVEJTIwLSUyMFJhbnNvbXdhcmUlMjBWaWN0aW0lM0ElMjBtZXRyb2VsZWN0cmljJTVCLiU1RGNvbSUyMC0lMjBSZWRQYWNrZXQlMjBTZWN1cml0eSUyMiUyQyUyMnglMjIlM0EwLjk0MjU3NjkzMTgyNDU2NjMlMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5yZWRwYWNrZXRzZWN1cml0eS5jb20lMkZyYW5zb21odWItcmFuc29td2FyZS12aWN0aW0tbWV0cm9lbGVjdHJpYy1jb20lMkYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTYwMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q=
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
86a3694b73410f87622de88aed63a5701ab44f1c531dad8d61163c8329a75e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/

Response headers

x-robots-tag
none
access-control-max-age
600
content-encoding
zstd
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=puzOPIxGYrbmGB8pA6NXdmNMQABfCQTxxVmgN2DV81jfGHZDIqi6s7SL33zHCVVRHaSvr4QjDGcxHHF%2F4LMXvXDt94CM6yu5NEIsYCWAK%2FTTp7awhLZn4Jkj43RNgRLEcQHw2Ujo1C%2BgYFc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD, POST, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=72967&sent=85&recv=53&lost=0&retrans=0&sent_bytes=75447&recv_bytes=10116&delivery_rate=522445&cwnd=42000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=1185&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
text/javascript; charset=utf-8
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8e2662eeba4e7ebd-LAX
access-control-allow-origin
https://www.redpacketsecurity.com
x-xss-protection
1; mode=block
server
cloudflare
collect
stats.g.doubleclick.net/g/ 		0
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=G-GN0W0LT7ZX&cid=114a6356-1988-42f9-b163-2eb030ee3cff&_u=KGDAAEADQAAAAC%7E&z=281300760
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.redpacketsecurity.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:40:59 GMT
content-type
text/plain
server
Golfe2
/
www.google.com/pagead/1p-conversion/4209956877/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/4209956877/?guid=ON&rnd=1731581492523&fst=1731580858693&cv=9&sendb=1&num=1&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fransomhub-ra...
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/4209956877/?guid=ON&rnd=1731581492523&fst=1731580858693&cv=9&sendb=1&num=1&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%...
  • https://www.google.com/pagead/1p-conversion/4209956877/?guid=ON&rnd=1731581492523&fst=1731580858693&cv=9&sendb=1&num=1&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fransomhub-ransomwar...
42 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google.com/pagead/1p-conversion/4209956877/?guid=ON&rnd=1731581492523&fst=1731580858693&cv=9&sendb=1&num=1&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fransomhub-ransomware-victim-metroelectric-com%2F&tiba=%5BRANSOMHUB%5D+-+Ransomware+Victim%3A+metroelectric%5B.%5Dcom+-+RedPacket+Security&u_tz=-600&u_his=10&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&ig=1&ct_cookie_present=false&random=1664632895&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQII6saxAgiixbECCNPFsQI&pscrd=IhMI9qL_r9HbiQMV3RCICR3BVy7bMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggS&is_vtc=1&cid=CAQSGwCa7L7dEAVRQRsF7QGXdjdi1QRufY4sPwLSIA&random=2107939045
Protocol
H3
Server
142.251.32.100 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f4.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 14 Nov 2024 10:40:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://www.google.com/pagead/1p-conversion/4209956877/?guid=ON&rnd=1731581492523&fst=1731580858693&cv=9&sendb=1&num=1&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fransomhub-ransomware-victim-metroelectric-com%2F&tiba=%5BRANSOMHUB%5D+-+Ransomware+Victim%3A+metroelectric%5B.%5Dcom+-+RedPacket+Security&u_tz=-600&u_his=10&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&ig=1&ct_cookie_present=false&random=1664632895&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQII6saxAgiixbECCNPFsQI&pscrd=IhMI9qL_r9HbiQMV3RCICR3BVy7bMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggS&is_vtc=1&cid=CAQSGwCa7L7dEAVRQRsF7QGXdjdi1QRufY4sPwLSIA&random=2107939045
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Thu, 14 Nov 2024 10:40:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/4209956877/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/4209956877/?guid=ON&rnd=1731581492523&fst=1731580858693&cv=9&sendb=1&num=1&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%...
  • https://www.google.com/pagead/1p-user-list/4209956877/?guid=ON&rnd=1731581492523&fst=1731578400000&cv=9&sendb=1&num=1&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fransomhub-ransomware...
42 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google.com/pagead/1p-user-list/4209956877/?guid=ON&rnd=1731581492523&fst=1731578400000&cv=9&sendb=1&num=1&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fransomhub-ransomware-victim-metroelectric-com%2F&tiba=%5BRANSOMHUB%5D+-+Ransomware+Victim%3A+metroelectric%5B.%5Dcom+-+RedPacket+Security&u_tz=-600&u_his=10&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&ig=1&is_vtc=1&cid=CAQSGwCa7L7d9ze95xfIRVSt8SgV3ddb8KZv0hokGQ&random=1514721922
Protocol
H3
Server
142.251.32.100 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f4.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 14 Nov 2024 10:40:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://www.google.com/pagead/1p-user-list/4209956877/?guid=ON&rnd=1731581492523&fst=1731578400000&cv=9&sendb=1&num=1&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fransomhub-ransomware-victim-metroelectric-com%2F&tiba=%5BRANSOMHUB%5D+-+Ransomware+Victim%3A+metroelectric%5B.%5Dcom+-+RedPacket+Security&u_tz=-600&u_his=10&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&ig=1&is_vtc=1&cid=CAQSGwCa7L7d9ze95xfIRVSt8SgV3ddb8KZv0hokGQ&random=1514721922
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Thu, 14 Nov 2024 10:40:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ga-audiences
www.google.com/ads/ 		42 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j86&tid=G-GN0W0LT7ZX&cid=114a6356-1988-42f9-b163-2eb030ee3cff&_u=KGDAAEADQAAAAC%7E&z=281300760&slf_rd=1
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyJTVCUkFOU09NSFVCJTVEJTIwLSUyMFJhbnNvbXdhcmUlMjBWaWN0aW0lM0ElMjBtZXRyb2VsZWN0cmljJTVCLiU1RGNvbSUyMC0lMjBSZWRQYWNrZXQlMjBTZWN1cml0eSUyMiUyQyUyMnglMjIlM0EwLjk0MjU3NjkzMTgyNDU2NjMlMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5yZWRwYWNrZXRzZWN1cml0eS5jb20lMkZyYW5zb21odWItcmFuc29td2FyZS12aWN0aW0tbWV0cm9lbGVjdHJpYy1jb20lMkYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTYwMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.100 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f4.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.redpacketsecurity.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 14 Nov 2024 10:40:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
25f58c7d-a3b0-4f81-ad6c-151c0eaecbe2
https://www.redpacketsecurity.com/ Frame 		0
0
Redpacketsecurity-small-logo-150x150.png
www.redpacketsecurity.com/wp-content/uploads/2022/08/ 		9 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-content/uploads/2022/08/Redpacketsecurity-small-logo-150x150.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f187f728f9a8bda38f6c171fdf069ee3a5cf9b0311b2915f22f78a96ecdc31d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EY4f8QO0LJGEMepyHQNWKWkjdDykqrMxgd21uEEWcu%2B3Ll1TjQPOHyE%2BWVuY9GrAcoK3kVgo%2FJu3ChqRkuev64EwdbSc6r5A7QE3300uPpqosiUFcTrMhJQhOwBafkrowKFDGzvDzF%2Fk%2Flw%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73250&sent=92&recv=59&lost=0&retrans=0&sent_bytes=81006&recv_bytes=12348&delivery_rate=101680&cwnd=42000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=1294&x=1", cfHdrFlush;dur=0
x-content-options
nosniff
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
NOELrzfIBC9ZEnJGFcw3vvl8s2HrhiI9O/YnH6VJHzSi842JweZW0Rwo0q31WdUQM0jLC3y1kzuzYqVoWwYGDlsZ/nhcbR/n/z+6uM57rboVxgBZKEXsErOdpM0AC6SEbUdnkAYZcZiH1ZhmxmfCZg==$wFQ95tKKTkbypmS/RRRvXg==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8e2662ef7ad97ebd-LAX
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
x-xss-protection
1; mode=block
origin-agent-cluster
?1
server
cloudflare
Redpacketsecurity-small-logo.png
www.redpacketsecurity.com/wp-content/uploads/2022/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.redpacketsecurity.com/wp-content/uploads/2022/08/Redpacketsecurity-small-logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a2936be98b15a562c8356e429cd4d6224e817d01717c315476b8819487715f74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FAXinHxNpRbuONQZk40%2B3vFIQebwQ9NDy5PX4ffbHsHmXoqqx9MlvTB2v%2B7G23bvcY0s8Stl%2F5%2FJ7OSl7P5suP2CROdolyWq7JBnBao7TQ8dwUWOJ83hAbfGGUdSQlVoV6zdYY16fN%2B04d0%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=78811&sent=121&recv=76&lost=0&retrans=0&sent_bytes=106144&recv_bytes=19509&delivery_rate=101063&cwnd=42000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=1821&x=1", cfHdrFlush;dur=0
x-content-options
nosniff
date
Thu, 14 Nov 2024 10:40:59 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
wRUJYhRfIbhreQde6Xef+i7C+6wK2Z3+0PE0roPqwm+YJ3W6PfX2h2Jb0SeWEelplQt33ycnhqExF7I2ECJJ031b3rFSUoHkv6b3qQmqVn4Jo39/AlbCffsSF/kYmZj0VS+sqGdzWofuuN397iAl+g==$7VIQA49XTdMNsHm4iDcMmg==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8e2662f2ccbc7ebd-LAX
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
x-xss-protection
1; mode=block
origin-agent-cluster
?1
server
cloudflare
smush-placeholder.png
www.redpacketsecurity.com/wp-content/plugins/wp-smushit/app/assets/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/wp-smushit/app/assets/images/smush-placeholder.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6dd95de8290981f513133c21281a2b9782c69f713cd733fb31352fe0e3832719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uE16ZjLEIRwL%2BpPfTX8vcHRhSlg6jyNbdZKHfKNHqi7DSwr1i5%2FdDsBPgm30oWxMy%2Ft2LIPBtLJi7aUTEBG1CxXVdAya%2FCM9CDUgzxfgdRLGNk%2FmPU6p18xWSzUvKY8Ff4uTrJC384Toi%2BY%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73250&sent=100&recv=59&lost=0&retrans=0&sent_bytes=89060&recv_bytes=12348&delivery_rate=101680&cwnd=42000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=1303&x=1", cfHdrFlush;dur=0
x-content-options
nosniff
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
l/GZ/5gBWTsLlMK1IbzfKB8yoAFVDsOm3AUaupARqtbxbHXH9Hh0bFzpGXcmLwJ8O+Ve4z1AiE9fVv7ns4PbkMEfPOc9lGMREdmsSOzBT27Y/92TVwyPjsea0+ZdqHL8MpxweGj/elcn0YrXecZu0g==$Vtu280AGtnUoa10p3K3+og==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8e2662ef8ae17ebd-LAX
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
x-xss-protection
1; mode=block
origin-agent-cluster
?1
server
cloudflare
main.js
www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 556F
Redirect Chain
  • https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Protocol
H3
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6054a9448ac418d24fa2bdd5c9d92c6abd220e8f69b65b55c9d1c0ffe0f56b84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
zstd
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gTdPd5ZOVHusGah8lpnsOeww93edZt0BwCcRxZesGIOLvo%2BgKSMEXQqaNbMK%2BltjhG5Bm4nmjMzZkvF5zSwNJB4uUGfwVL8NPL7eN%2FB5cI8crViqBYAhtoUTdHwrekZJRLl7VlYPLEQJIB4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=79307&sent=131&recv=78&lost=0&retrans=0&sent_bytes=114194&recv_bytes=21364&delivery_rate=109696&cwnd=42000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=1898&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 10:40:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662f34cf87ebd-LAX
x-xss-protection
1; mode=block
server
cloudflare

Redirect headers

expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ewa6cBrTD5iSmeJetZWfdh02Uc7Xl7qiY%2Bz1tuKG62QOiyfEY%2BynGVlovaNLzE0mqaKiWy3EBZSSgvfeGGU9yMfNWlw7S5ZfNAvrxLTmDtvMLHepT9%2FLVSLhWOOzWK%2FSO1QEQjhUkCUgqM0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=78811&sent=120&recv=76&lost=0&retrans=0&sent_bytes=105406&recv_bytes=19509&delivery_rate=101063&cwnd=42000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=1816&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 10:40:59 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
cf-ray
8e2662f2ccc17ebd-LAX
access-control-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
rum
www.redpacketsecurity.com/cdn-cgi/ 		0
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8e2662efbafc7ebd-LAX
access-control-allow-origin
https://www.redpacketsecurity.com
date
Thu, 14 Nov 2024 10:40:58 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
wp-emoji-release.min.js
www.redpacketsecurity.com/wp-includes/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-includes/js/wp-emoji-release.min.js?ver=3ab9f8803b1a723323f26085ec19fd07
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kRNLtJ6krojBR%2B2OR1%2F8AUaX6iqeGFYrOLTaLXcmalqzbQECtXZ9NBgi3co2C9WyzdV2l2jWzQdET8PjNcWi2aqrDF5GouJGalI1V2vNyrBL%2BAolFnnsInVPd%2BZn7dMO20e4Slaz6lZU3WM%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=79307&sent=135&recv=78&lost=0&retrans=0&sent_bytes=118884&recv_bytes=21364&delivery_rate=109696&cwnd=42000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=1907&x=1", cfHdrFlush;dur=0
x-content-options
nosniff
date
Thu, 14 Nov 2024 10:40:59 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
H1GfReUSPdKE+PONkvpbiJRAgnjZRLZgFfS8Jjo/udgoW8BXkpXVT35BRRbaeY4uUVumAxshsoeq9gAmbbTtzdNceS1CQP7jHFswMxof5OvjRaH5uOJZWJFxmSxI5J/pG8IKyVnoeXecO2qE82tdVg==$8vRtsNQ9T/XvSVuJPBad2w==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8e2662f35d007ebd-LAX
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
x-xss-protection
1; mode=block
origin-agent-cluster
?1
server
cloudflare
Redpacketsecurity-small-logo.png
www.redpacketsecurity.com/wp-content/uploads/2022/08/ 		9 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/wp-content/uploads/2022/08/Redpacketsecurity-small-logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f52e66c6edbd5a05150bba2158b704fd050d8a38eee79659b570a28a172e5c66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/

Response headers

content-encoding
zstd
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rf1Rsj2VjGtPn1pjSEK8vkBdYc%2F6LX6kidVR6%2BarK9k0dLS3Uv3mDXIA%2FARzXj6WcvwKRfSX0WmK1oxiY9rMJS3O37lj8ldqeU%2BuodCoHJTHs%2BZu9PK%2BfaFl8RvyBru%2FucSODOB107zzfO8%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=75940&sent=111&recv=70&lost=0&retrans=0&sent_bytes=97342&recv_bytes=16474&delivery_rate=176625&cwnd=42000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=1382&x=1", cfHdrFlush;dur=0
x-content-options
nosniff
date
Thu, 14 Nov 2024 10:40:58 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
BWTwF94rhyCXRcVx+VHX8R4Hbii/fa3Pd9yvpx0ilXOOGbcxxz84aL7RKoGcc2OmvIQ+Q51+vV0vAqnuDrQftEkLJ9G1QupjfknZLTdlqGYFLS8fZQsJA/3i4KtwqW2OPd6ARhWidYnEHVCd6zE5dg==$LYpv8CelT8l957PoJ2r18g==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8e2662f00b277ebd-LAX
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
x-xss-protection
1; mode=block
origin-agent-cluster
?1
server
cloudflare
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411110101/ 		434 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411110101/show_ads_impl_fy2021.js?bust=31088893
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1536334219562771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
f69746e773a3b3c2acddfb9f723d9c30b850f10f5ee6b3e4d38e8f882355e043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
6650575091206311646
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 10:40:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 14 Nov 2024 10:40:59 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147353
x-xss-protection
0
server
cafe
8e2662e3cf970ff3
www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 556F 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/jsd/r/8e2662e3cf970ff3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.16 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JVsnI3%2FsNQ3McdZw0xIb41AgzKZ1UC8RNTqrOZ7vQwPoThC1vrI7R2LKlH6V1Bf3128W5YNbQLZI3U%2BmLVvlWTSxlSKzAZDdeZgYMu0ApuEXDeL4EGEhIRKDj160MGK06DR0uJ0bv25Ez28%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
same-origin
cf-ray
8e2662f46daf7ebd-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=81502&sent=154&recv=95&lost=0&retrans=0&sent_bytes=127188&recv_bytes=39239&delivery_rate=143705&cwnd=42000&unsent_bytes=0&cid=f315b0f9e952cf51&ts=2088&x=1", cfHdrFlush;dur=0
content-length
0
date
Thu, 14 Nov 2024 10:40:59 GMT
x-xss-protection
1; mode=block
content-type
text/plain; charset=UTF-8
server
cloudflare
x-frame-options
SAMEORIGIN
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241112/r20190131/ Frame 6884 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241112/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411110101/show_ads_impl_fy2021.js?bust=31088893
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
2509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4134
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Nov 2024 09:59:11 GMT
etag
4475648825157136472
expires
Thu, 28 Nov 2024 09:59:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-notice&cls=cookie-revoke-hidden%20cn-position-bottom%20cn-effect-fade%20cookie-notice-visible&ign=false&pw=1600&ph=1200&x=1575&y=1175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 14 Nov 2024 10:41:00 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
googleads.g.doubleclick.net/pagead/ Frame C185 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731580857&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x540_l%7C260x540_r&format=0x0&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fransomhub-ransomware-victim-metroelectric-com%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731580859030&bpp=3&bdt=1549&idt=909&shv=r20241112&mjsv=m202411110101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6868640099894&frm=20&pv=2&u_tz=-600&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31088128%2C42531705%2C95333409%2C95344189%2C31088893%2C95335245%2C95345967&oid=2&pvsid=2232762060602991&tmod=1838011631&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1120%2C1120%2C1120%2C1120%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=937
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411110101/show_ads_impl_fy2021.js?bust=31088893
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
9134
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Nov 2024 10:41:00 GMT
expires
Thu, 14 Nov 2024 10:41:00 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241112&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411110101/show_ads_impl_fy2021.js?bust=31088893
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
4a7069b81a2b38444ec5ad21a142982a5e337e6c991a357e850adc405a22fbd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12712
date
Thu, 14 Nov 2024 10:41:00 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411110101/show_ads_impl_fy2021.js?bust=31088893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 10:41:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:41:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
ca-pub-1536334219562771
fundingchoicesmessages.google.com/i/ 		195 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-1536334219562771?href=https%3A%2F%2Fwww.redpacketsecurity.com%2Fransomhub-ransomware-victim-metroelectric-com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411110101/show_ads_impl_fy2021.js?bust=31088893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c21442ef1e81a177d2fd972564ae28d5937e8a0f53114bec43c5121bfdd23553
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-SlaQAd7s4554RVNYTzGCSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:41:01 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1ZBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhbg59i6_vpNNYMetRZxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoaGhkZ6BsbxBQYAQXo_hQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-SlaQAd7s4554RVNYTzGCSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		1 KB
477 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411110101/show_ads_impl_fy2021.js?bust=31088893
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.106 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f10.1e100.net
Software
ESF /
Resource Hash
ba9a30cfbacfca57689ba1e31a7a58d36a836400bfee3a97c0abd3acbbe8ec54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 10:41:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:41:00 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 14 Nov 2024 10:41:00 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		4 KB
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411110101/show_ads_impl_fy2021.js?bust=31088893
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.106 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f10.1e100.net
Software
ESF /
Resource Hash
8b1bb264d3f4e9e18f183190a3c443c6409502514f56e670dc60ea04c40747de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 10:41:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:41:00 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 14 Nov 2024 09:22:08 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		656 B
418 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Google+Symbols:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411110101/show_ads_impl_fy2021.js?bust=31088893
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.106 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f10.1e100.net
Software
ESF /
Resource Hash
fb021f059703588d01cf6ffd60e88d663f8d279b8e45e1274f5352a5a73dd4f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 10:41:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:41:00 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 14 Nov 2024 10:41:00 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		4 KB
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans+Text_old:400,500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411110101/show_ads_impl_fy2021.js?bust=31088893
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.106 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f10.1e100.net
Software
ESF /
Resource Hash
8b1bb264d3f4e9e18f183190a3c443c6409502514f56e670dc60ea04c40747de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 10:41:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:41:00 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 14 Nov 2024 09:08:40 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
async-ads.js
www.google.com/adsense/search/ 		145 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/search/async-ads.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411110101/show_ads_impl_fy2021.js?bust=31088893
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.100 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f4.1e100.net
Software
sffe /
Resource Hash
777f5aa7deceaffbe02996600beef3ab14234adf55ba2f7a8046e0d0facb4b7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"15390302672001073446"
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 10:41:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:41:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
link
<https://syndicatedsearch.goog>; rel="preconnect"
cache-control
private, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
x-xss-protection
0
server
sffe
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=ok&evt=place&vh=1200&eid=44759876%2C44759927%2C31088128%2C42531705%2C95333409%2C95344189%2C31088893%2C95335245%2C95345967&hl=en&pvc=2232762060602991
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 14 Nov 2024 10:41:00 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411110101/show_ads_impl_fy2021.js?bust=31088893
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame AEC7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2470
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Nov 2024 09:59:51 GMT
expires
Thu, 14 Nov 2024 10:49:51 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 09DE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.100 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cvFtZxU-xOawoeNW-I0M1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-cvFtZxU-xOawoeNW-I0M1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Nov 2024 10:41:01 GMT
expires
Thu, 14 Nov 2024 10:41:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
fonts.gstatic.com/s/googlesanstext/v22/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.163 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f3.1e100.net
Software
sffe /
Resource Hash
97399a2914c593da2895d9729aa0170a1956e91ee54cf7550696691949558a37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.redpacketsecurity.com
Referer
https://fonts.googleapis.com/

Response headers

age
98215
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 07:24:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 07:24:06 GMT
last-modified
Wed, 31 Jul 2024 20:31:46 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15996
x-xss-protection
0
server
sffe
cookie.js
partner.googleadservices.com/gampad/ 		396 B
269 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.redpacketsecurity.com&client=partner-pub-1536334219562771&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
c4321a34a21d0a6fe327d4cf83805c3700b7750f3c5628c52868f257e2a15fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
248
date
Thu, 14 Nov 2024 10:41:01 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
syndicatedsearch.goog/afs/ Frame FF4A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://syndicatedsearch.goog/afs/ads?psid=5134551505&channel=AutoRsVariant&cx=r-cd7b736e693ab26be&fexp=44759876%2C44759927%2C31088128%2C42531705%2C95333409%2C95344189%2C31088893%2C95335245%2C95345967%2C0%2C21404%2C17301437%2C17301438%2C17301442%2C17301542%2C17301266%2C72717108%2C49280903%2C72771954&client=pub-1536334219562771&r=m&hl=en&rpbu=http%3A%2F%2Fgoogle.com&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&format=r5&nocache=7241731580861129&num=0&output=afd_ads&domain_name=www.redpacketsecurity.com&v=3&bsl=10&pac=0&u_his=1&u_tz=-600&dt=1731580861130&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=3010&frm=0&uio=-&cont=autors-container-0&drt=0&jsid=csa&nfp=1&jsv=691096265&rurl=https%3A%2F%2Fwww.redpacketsecurity.com%2Fransomhub-ransomware-victim-metroelectric-com%2F
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-ytTaEE-OjT1gYuHmbEiulw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
550
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-ytTaEE-OjT1gYuHmbEiulw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Thu, 14 Nov 2024 10:41:01 GMT
expires
Thu, 14 Nov 2024 10:41:01 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
AGSKWxUZhOK3zNI1pZL2VJKdZUXsvyjdEAv59c3R0ZmQYcpJsM3SYfx7b9ysqCzmQIBe0pq2PXbb1juKyudmtqb-ngDhOSeHqOm4AlttCF6UPv_l9WiR0EKq0kEwKogMeO2kC2bqHHbXaQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUZhOK3zNI1pZL2VJKdZUXsvyjdEAv59c3R0ZmQYcpJsM3SYfx7b9ysqCzmQIBe0pq2PXbb1juKyudmtqb-ngDhOSeHqOm4AlttCF6UPv_l9WiR0EKq0kEwKogMeO2kC2bqHHbXaQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNTgwODYxLDQwMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cucmVkcGFja2V0c2VjdXJpdHkuY29tL3JhbnNvbWh1Yi1yYW5zb213YXJlLXZpY3RpbS1tZXRyb2VsZWN0cmljLWNvbS8iLG51bGwsW1s4LCJnck1VWHg1OUh3dyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3957d06ab19c5d1919c9b7022db63fe7b78c99aeac57adb5aba4e7ba453f59bd
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-mCHLOGYHfAJaV3gQW4_Kig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:41:01 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0pBiOHHrNtMFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IiiSusLUB8u-kK62MgZvh6hZUDiIV4OPYuv76TTWDDxQevGZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0NjfQMjOMLDADD_UWh"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-mCHLOGYHfAJaV3gQW4_Kig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxVT5Y53hWpeq7nDzTdudqRv_k1FV3Ru68_QUVgSMF8w4vbax6KSnTj8vqLSy_8smfva088i28QEMfZffuuPP06rDvqiRiR_houHap6w0y66t3I565u39NxFC-WocVsQKH98pinnkg==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVT5Y53hWpeq7nDzTdudqRv_k1FV3Ru68_QUVgSMF8w4vbax6KSnTj8vqLSy_8smfva088i28QEMfZffuuPP06rDvqiRiR_houHap6w0y66t3I565u39NxFC-WocVsQKH98pinnkg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNTgwODYxLDU4MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LnJlZHBhY2tldHNlY3VyaXR5LmNvbS9yYW5zb21odWItcmFuc29td2FyZS12aWN0aW0tbWV0cm9lbGVjdHJpYy1jb20vIixudWxsLFtbOCwiZ3JNVVh4NTlId3ciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8bf2142ff22c573ab2a086f9a1f38e9e3d6b3f02a968285a4c851ef857a30f6c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-vKAazGe4uEUmqzHxZ6bV4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:41:01 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg49i6_vpNNoGHN3kNMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhoZGegbG8QUGAILOP_I"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-vKAazGe4uEUmqzHxZ6bV4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfns&evt=place&vh=1200&eid=44759876%2C44759927%2C31088128%2C42531705%2C95333409%2C95344189%2C31088893%2C95335245%2C95345967&hl=en&pvc=2232762060602991
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 14 Nov 2024 10:41:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sodar
ep1.adtrafficquality.google/pagead/ 		0
0
ysmads.
fundingchoicesmessages.google.com/f/AGSKWxXys2gdJ9cU4czoi35br5h4luGfbBSqG0xpLeBpUxhtFt7bQgrGf8Omu_Urwet5uA3axIuEJRtKCC7Kxcbt4Mn2cq0dClswCgzWa2TD3P-qEZ-5HmtKQO0FPpAIoq_QaVUfJvvqJAkqdpVmu58Ie5wa-GuWP... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXys2gdJ9cU4czoi35br5h4luGfbBSqG0xpLeBpUxhtFt7bQgrGf8Omu_Urwet5uA3axIuEJRtKCC7Kxcbt4Mn2cq0dClswCgzWa2TD3P-qEZ-5HmtKQO0FPpAIoq_QaVUfJvvqJAkqdpVmu58Ie5wa-GuWPTw-9iZchVXew0HaRQPWrtgQXSkPAXHD/_&program=revshare&/maxadselect.-euads./searchad_/ysmads.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwhwCQtMG6fRUUQVijeU30NlnnKIQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
e96c856f9e161e07036b82f67ee9c8c02e61061bcb1b6bcd5627316d773d9619
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VldyQyX674pLePJeg7GNRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:41:02 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1ZBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg49i2_vpNN4Mf_29cZlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDQ2N9AyM4wsMALMcQPQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VldyQyX674pLePJeg7GNRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		157 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwhwCQtMG6fRUUQVijeU30NlnnKIQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
21c2d26479145021fd16294065594d841e0f93a4bd113929ff0dfb593d2393e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
11919880253181599675
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 10:41:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 14 Nov 2024 10:41:02 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53467
x-xss-protection
0
server
cafe
AGSKWxVSJyqNTm-9N39S_YdHhXvTF0FAndUQv-k6R-43a6isQT3GtKiCtSeje-ntpmB9pTlU9mDjNt1K_ruSq41tcZs1ktl_ioy4L2MKDlJT5KQ0mJFRnXRyHYe1_YtVqJ99ihPV8k67vw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVSJyqNTm-9N39S_YdHhXvTF0FAndUQv-k6R-43a6isQT3GtKiCtSeje-ntpmB9pTlU9mDjNt1K_ruSq41tcZs1ktl_ioy4L2MKDlJT5KQ0mJFRnXRyHYe1_YtVqJ99ihPV8k67vw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6PeWZ48L2IansdjaCa5eqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:41:02 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHYt_z6TjaBFbvmzWZScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoZGegbm8QUGADIbKMc"
content-security-policy
script-src 'report-sample' 'nonce-6PeWZ48L2IansdjaCa5eqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.redpacketsecurity.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVSJyqNTm-9N39S_YdHhXvTF0FAndUQv-k6R-43a6isQT3GtKiCtSeje-ntpmB9pTlU9mDjNt1K_ruSq41tcZs1ktl_ioy4L2MKDlJT5KQ0mJFRnXRyHYe1_YtVqJ99ihPV8k67vw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVSJyqNTm-9N39S_YdHhXvTF0FAndUQv-k6R-43a6isQT3GtKiCtSeje-ntpmB9pTlU9mDjNt1K_ruSq41tcZs1ktl_ioy4L2MKDlJT5KQ0mJFRnXRyHYe1_YtVqJ99ihPV8k67vw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YRqoFkfJIE_ITiNkH9AjAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:41:02 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHYt_z6TjaBH7MeLGNScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoZGegbm8QUGAFD1KTg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YRqoFkfJIE_ITiNkH9AjAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.redpacketsecurity.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVSJyqNTm-9N39S_YdHhXvTF0FAndUQv-k6R-43a6isQT3GtKiCtSeje-ntpmB9pTlU9mDjNt1K_ruSq41tcZs1ktl_ioy4L2MKDlJT5KQ0mJFRnXRyHYe1_YtVqJ99ihPV8k67vw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVSJyqNTm-9N39S_YdHhXvTF0FAndUQv-k6R-43a6isQT3GtKiCtSeje-ntpmB9pTlU9mDjNt1K_ruSq41tcZs1ktl_ioy4L2MKDlJT5KQ0mJFRnXRyHYe1_YtVqJ99ihPV8k67vw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WfEt8hKr-bkLEOtbIIf6vg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:41:02 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0pBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHYt_z6TjaBGR9mb2dScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoZGegbm8QUGAEasKQw"
content-security-policy
script-src 'report-sample' 'nonce-WfEt8hKr-bkLEOtbIIf6vg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.redpacketsecurity.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVSJyqNTm-9N39S_YdHhXvTF0FAndUQv-k6R-43a6isQT3GtKiCtSeje-ntpmB9pTlU9mDjNt1K_ruSq41tcZs1ktl_ioy4L2MKDlJT5KQ0mJFRnXRyHYe1_YtVqJ99ihPV8k67vw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVSJyqNTm-9N39S_YdHhXvTF0FAndUQv-k6R-43a6isQT3GtKiCtSeje-ntpmB9pTlU9mDjNt1K_ruSq41tcZs1ktl_ioy4L2MKDlJT5KQ0mJFRnXRyHYe1_YtVqJ99ihPV8k67vw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vi7sI14Ju7abGXy928wOrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:41:02 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05BicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHYt_z6TjaBA88fbWNScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoZGegbm8QUGAF6BKWU"
content-security-policy
script-src 'report-sample' 'nonce-vi7sI14Ju7abGXy928wOrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.redpacketsecurity.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVGNNQ6hu2kGy_QvYB1dt5ZR-p-iz--CiNwb4FuRffwKub6mU8xjprs1JaaJsAniR6CJver3A34DSQcn9LlTqfY5d9UBXSnMogxcqFV_iducTW-w0S1mzqMi2lJSbwIcH-BgW1s2w==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVGNNQ6hu2kGy_QvYB1dt5ZR-p-iz--CiNwb4FuRffwKub6mU8xjprs1JaaJsAniR6CJver3A34DSQcn9LlTqfY5d9UBXSnMogxcqFV_iducTW-w0S1mzqMi2lJSbwIcH-BgW1s2w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNTgwODYyLDU3MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cucmVkcGFja2V0c2VjdXJpdHkuY29tL3JhbnNvbWh1Yi1yYW5zb213YXJlLXZpY3RpbS1tZXRyb2VsZWN0cmljLWNvbS8iLG51bGwsW1s4LCJnck1VWHg1OUh3dyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
21dec6d9a5474765fa0a9e98f7d02460a38089b0a3a74cf16c2270ca2593c443
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-b310YAcXMBgq9KzGXFySsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:41:02 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg49i2_vpNN4MSmaw-YlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDQ2N9AyM4wsMAJt4QHk"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-b310YAcXMBgq9KzGXFySsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxXkDaqRy-6lWKKETrRHSxatQtnSJCo-0EnbKKqmqbeNHUxTNzx3LyCz3fDEZ1pSuu7DGw3AUO3NU7n50af1QHXvFNTc6AkJU_Pqp3PGnKRzXZzbU5CVhPo4FzXwsDrBBnGBnDAZ4g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXkDaqRy-6lWKKETrRHSxatQtnSJCo-0EnbKKqmqbeNHUxTNzx3LyCz3fDEZ1pSuu7DGw3AUO3NU7n50af1QHXvFNTc6AkJU_Pqp3PGnKRzXZzbU5CVhPo4FzXwsDrBBnGBnDAZ4g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mRr5To_BnQnMrusJiBkqiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:41:02 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHYt_z6TjaBFU9nb2BWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoZGegbm8QUGAD8NKPo"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mRr5To_BnQnMrusJiBkqiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.redpacketsecurity.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVSJyqNTm-9N39S_YdHhXvTF0FAndUQv-k6R-43a6isQT3GtKiCtSeje-ntpmB9pTlU9mDjNt1K_ruSq41tcZs1ktl_ioy4L2MKDlJT5KQ0mJFRnXRyHYe1_YtVqJ99ihPV8k67vw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVSJyqNTm-9N39S_YdHhXvTF0FAndUQv-k6R-43a6isQT3GtKiCtSeje-ntpmB9pTlU9mDjNt1K_ruSq41tcZs1ktl_ioy4L2MKDlJT5KQ0mJFRnXRyHYe1_YtVqJ99ihPV8k67vw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qkVyHL0avJObHixeAfzKgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 10:41:02 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHYt_z6TjaBDdsfbmBWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoZGegbm8QUGAEnPKR4"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qkVyHL0avJObHixeAfzKgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.redpacketsecurity.com
content-length
0
x-xss-protection
0
server
ESF
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411110101/show_ads_impl_fy2021.js?bust=31088893
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.redpacketsecurity.com
URL
blob:https://www.redpacketsecurity.com/25f58c7d-a3b0-4f81-ad6c-151c0eaecbe2
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241112&jk=2232762060602991&bg=!lpWlldrNAAY7_TBtG_07ADQBe5WfOPZpCql4bSmY4N3rUqHQFJsG5HnSCImoKadYGtESpqdY5ZF4ta-5rvZbgjGQ9oKwAgAAAEBSAAAAAmgBB34ANr8PVvc7ub9g-xgQIkzOrFnsxYQpoSzreOkCi6P6B8D3VqtvCL3KfZuhOE7OpRttMHFm9hNARgoArjCyMJt22bj1YaDL5HtWsUQw5fLD_VWzCE2hAQzKuAgUPl5YomIpyZyZHDybBcP6Ap5uHYeKKtEWh15XzVI6JBLrk9_nKKPKt6Iz9g7SossrMeEyYTbTTeHPYhuE-yvM64gcVcZZO5V30NEnsZAln8pAHas8RD5HYAFtWOD33IgugGtNfx6SZYd5reMVHpZeJ9vjAdbBQN6DvQYxDvRNZSJnAXSkffPg5mOzGVK77ZkCnZZNqpIsbQiRz9fElCG04qfM2RYxPyIRqiHY_borTuEUEViZRbHJYvGTKlT1j1uzDeTGIxJzTF-0f6OkK5oLXKfNUg4GXAmhXKvoK7lyc-OFUAXg4a_ZDXgbqDryRze_MqzlFvFCfjx02-VXou2_O-sA9mYmfscsfWepaSAwbt7LKVUjWmIAuHmU6BkJwxQ4Z3pVUFd1cO2ZXvIGg1nNcCiSlBMo4gGPZn0p4FZEPN-g5frbD7mc-HAvPrGEgsglobF7Q758_wLizDVW33fgbhYoQZ-0m1Do3v5-yILa6L1QOkgd84L6c7w8UE8efPceUPqLNsny9BBB8XqDae9kEF-90ciccnbfFF0A9WcWpa-TspBOdfsiBRIBpA08yId5gKu-iOSib5UzwtnvvVhkd-bqlunipVdCGcnqbr1Km9WC1YFzZb8QccxCmR8Rm7P_IENep609Cv8Hyil_i7_R7UObegWfCvyc6ff6EClyNP0rxHSNZYdJqzEQTFt8tn9JNdtMJhcnWRIrSYpnkfOB5Hid-TpsEQ4O-j5h6xEyxqzp4rbEDxvW0Ko_dEvxAzRh9NcPYCyO_07t4sXhMELxxzNpp4Gu1HGqlmyCb_tmb_KzoHb35E10OZWWC40QFgpRNZtA8hJKy4ZQQzAH1ATSjucIVhG5NqTI6JR5KpBa-QGVdTDCOzHm4bjbg5GBal-kiBuojEEQPqxxTLIfcXBMd-a2doIA-9S8IYFBqC8k6zXTUWsemDuG10K3pLiyAiVzomLF_qhnpbZNGbImymRPqOE-NjAVPuc9wl2rrIpc9kkoTAW0AXEDfRWxfajEb68cFvR5p33lJXHPoQP09J18KaO6OlUmpJTWqIKmTJO15f23qNoYJ5Z-M4zToHLw8A

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| zarazData object| zaraz object| __cfQR object| __cfBeacon object| dataLayer object| x object| _wpemojiSettings object| cnArgs function| jQuery object| lazySizes boolean| __cfRLUnblockHandlers object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googPageScrollPreventerInfo object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| googlefc boolean| adsbygoogle_ama_fc_has_run object| google_pso_loaded_fonts object| googTempStyleOverrideInfo object| googNavStack function| _googCsa number| googleNDT_ number| googleAltLoader object| google function| __sasCookie object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YjhmN2I1ODQyZmMyMGE4OGxvYWRlcl9qcw== string| YjhmN2I1ODQyZmMyMGE4OGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady boolean| 64348e90-77a7-4558-8400-075cf0409885

6 Cookies

Domain/Path Name / Value
.redpacketsecurity.com/ Name: cfzs_google-analytics_v4
Value: %7B%22uNHI_pageviewCounter%22%3A%7B%22v%22%3A%221%22%7D%7D
.redpacketsecurity.com/ Name: cfz_google-analytics_v4
Value: %7B%22uNHI_engagementDuration%22%3A%7B%22v%22%3A%220%22%2C%22e%22%3A1763116858693%7D%2C%22uNHI_engagementStart%22%3A%7B%22v%22%3A%221731580858693%22%2C%22e%22%3A1763116858693%7D%2C%22uNHI_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1763116858693%7D%2C%22uNHI_ga4sid%22%3A%7B%22v%22%3A%22778101260%22%2C%22e%22%3A1731582658693%7D%2C%22uNHI_session_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1763116858693%7D%2C%22uNHI_ga4%22%3A%7B%22v%22%3A%22114a6356-1988-42f9-b163-2eb030ee3cff%22%2C%22e%22%3A1763116858693%7D%2C%22uNHI__z_ga_audiences%22%3A%7B%22v%22%3A%22114a6356-1988-42f9-b163-2eb030ee3cff%22%2C%22e%22%3A1763116858693%7D%2C%22uNHI_let%22%3A%7B%22v%22%3A%221731580858693%22%2C%22e%22%3A1763116858693%7D%7D
.redpacketsecurity.com/ Name: cf_clearance
Value: 4scPu2AxMNj1E38aWyPTeqpp2_9UckRm8FNNiF6xvvc-1731580859-1.2.1.1-StR.mNMpHZuzf6UhvRjywvE69x3CkXWZSn3IP05t2ZkjbO4mgAvK.rWM33h0Jhrt3XpGj0tJ2KZCl2Aqt4BzpAqiEaE78wZTpa8k9uqRG_Y2JQB12RPMBsTaVg4ugTK8h5ItAbr5gyGVGkBJQDSWiK7Tb71J6vRAyh81VuUJ33Vl9xK84LYH5MlI7MiaQIC_rlrtyq_Q_bLln03yGn9yby71BrMt.6LqB.wrhNJWfshOIxmveYAHNUJU23f8BaJCKDx8Q2pT6aZAm9UeTKvDKFbz_23hJu2XBZxSpSgfMzmXgT3cdPjHya4ZJDCyBv.0PG1vNNIp_W2WgSYz1GgeQlvp3YQ1cMUKTr3JVcd8SrRl9qOAGugFDpSYI3zOoJvw
.doubleclick.net/ Name: IDE
Value: AHWqTUluSxV4T3OZAkqPvCPV4mj99p4hXrpdamBTJCl71kccAgyFTi7M6uPGJPrWJFk
.redpacketsecurity.com/ Name: __gsas
Value: ID=2786d02f766458e4:T=1731580861:RT=1731580861:S=ALNI_Mblrgunm9qDu2HBg_UG4e1IDUs6Nw
.redpacketsecurity.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9pMrPJDAs-KARV43sraHCi5KzoozByMRjZHDkj6tr8ZNBFdBSY-9hnPcBhe1d5XyyhbnPAVkvAYLCor8tl4RTvIwo8ndcbP6jqSIXHXjuXmQHZ6ChqXmHAFuU2H2ULfsEf0X6CZQn3j2-xWrxZ4zy8Wr2jUA%3D%3D%22%5D%5D

8 Console Messages

Source Level URL
Text
other warning URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/(Line 91)
Message:
A preload for 'https://fonts.googleapis.com/css?family=Source%2BSans%2BPro%3A400%2C700%7CLato%3A400%2C700&subset=latin&display=swap' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network error URL: https://www.redpacketsecurity.com/wp-content/uploads/2022/08/Redpacketsecurity-small-logo-150x150.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.redpacketsecurity.com/wp-content/plugins/wp-smushit/app/assets/images/smush-placeholder.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.redpacketsecurity.com/wp-content/uploads/2022/08/Redpacketsecurity-small-logo.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.redpacketsecurity.com/wp-content/uploads/2022/08/Redpacketsecurity-small-logo.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.redpacketsecurity.com/wp-includes/js/wp-emoji-release.min.js?ver=3ab9f8803b1a723323f26085ec19fd07
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Message:
Refused to execute script from 'https://www.redpacketsecurity.com/wp-includes/js/wp-emoji-release.min.js?ver=3ab9f8803b1a723323f26085ec19fd07' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
intervention info URL: https://www.redpacketsecurity.com/ransomhub-ransomware-victim-metroelectric-com/
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
static.cloudflareinsights.com
stats.g.doubleclick.net
syndicatedsearch.goog
www.google.com
www.googleadservices.com
www.redpacketsecurity.com
ep1.adtrafficquality.google
www.redpacketsecurity.com
142.250.65.162
142.250.65.163
142.250.72.106
142.250.80.98
142.251.32.100
142.251.32.98
142.251.40.162
142.251.40.98
142.251.41.14
172.67.72.16
2606:4700:20::681a:35b
2606:4700::6810:4f49
2607:f8b0:4004:c06::9a
2607:f8b0:4006:809::200a
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80d::200e
2607:f8b0:4006:824::200e
029dedf319bc4536d9c663ae9c0b10c95d1e9f5dd1de0aa73172e9e89ae254cc
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
21c2d26479145021fd16294065594d841e0f93a4bd113929ff0dfb593d2393e8
21dec6d9a5474765fa0a9e98f7d02460a38089b0a3a74cf16c2270ca2593c443
275bd9011228dc44aed57534d440a8797492cad27602218520bfa59b9499ce19
2cfdbcdfed181a9468ab17ded5c79f8705155dd83888f74a968e7b852ece0ae2
3957d06ab19c5d1919c9b7022db63fe7b78c99aeac57adb5aba4e7ba453f59bd
4a7069b81a2b38444ec5ad21a142982a5e337e6c991a357e850adc405a22fbd1
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5ee64eda21580e5aa5aae9b0b7e69a5fc15eaa75a3d9200c9a1ae7a1dfc36cac
6054a9448ac418d24fa2bdd5c9d92c6abd220e8f69b65b55c9d1c0ffe0f56b84
6dd95de8290981f513133c21281a2b9782c69f713cd733fb31352fe0e3832719
76c24169d0d6a2dd9a7298db5b29d80fdd6cdc612791082964b5f5f7ac3a96de
777f5aa7deceaffbe02996600beef3ab14234adf55ba2f7a8046e0d0facb4b7d
7a049f0c9709c89fd23a27e5e2246fbbb0dd2ab2f0db074ab08a125bd816c7f6
807419d5f60f78d0c2d04b0bf5e3f80410fe7ffaa2bfee30646e4c6f47838b4f
86a3694b73410f87622de88aed63a5701ab44f1c531dad8d61163c8329a75e93
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8b1bb264d3f4e9e18f183190a3c443c6409502514f56e670dc60ea04c40747de
8bf2142ff22c573ab2a086f9a1f38e9e3d6b3f02a968285a4c851ef857a30f6c
97399a2914c593da2895d9729aa0170a1956e91ee54cf7550696691949558a37
9940afeb532d9c4fdd229e4f5789c028d0e7f990f03e15468d8077ff91dace00
a2936be98b15a562c8356e429cd4d6224e817d01717c315476b8819487715f74
a44fc800e479a071294416020b12e437693806d0055593771b956a724e644f33
aee7eb9a8ea96df02619daa88489e52e4949694422a9be92d220cc10ccfc5cd6
b24424c88b7542b07d8e0afba936c5234b6b89fc19073cba1667a3c2891b28e3
ba9a30cfbacfca57689ba1e31a7a58d36a836400bfee3a97c0abd3acbbe8ec54
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c21442ef1e81a177d2fd972564ae28d5937e8a0f53114bec43c5121bfdd23553
c4321a34a21d0a6fe327d4cf83805c3700b7750f3c5628c52868f257e2a15fa4
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e388f482ee4fb32303c41e0e933c56267853b899fd928c7278e5b9949ba0ac38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96c856f9e161e07036b82f67ee9c8c02e61061bcb1b6bcd5627316d773d9619
ebf968e400976b579ea9dcff5f0bc247a2b2371f9ce49c3b5829da4b7179f4f9
f187f728f9a8bda38f6c171fdf069ee3a5cf9b0311b2915f22f78a96ecdc31d7
f498f4de89f8c27d4d56f4d8dd0988da262875d8e4f1fa71bdf2a391b9050523
f52e66c6edbd5a05150bba2158b704fd050d8a38eee79659b570a28a172e5c66
f69746e773a3b3c2acddfb9f723d9c30b850f10f5ee6b3e4d38e8f882355e043
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
fb021f059703588d01cf6ffd60e88d663f8d279b8e45e1274f5352a5a73dd4f5
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99