urlscan.io logo urlscan.io
SecurityTrails logo

www.bleepingcomputer.com Open in urlscan Pro
104.20.59.209  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Submission: On July 15 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 7 countries across 40 domains to perform 264 HTTP transactions. The main IP is 104.20.59.209, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.bleepingcomputer.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 12th 2018. Valid for: 2 years.
This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.20.59.209 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
30 104.24.1.61 13335 (CLOUDFLAR...)
10 2a04:4e42:1b:... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 2.21.36.164 20940 (AKAMAI-ASN1)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:200... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:200... 16509 (AMAZON-02)
1 18.207.76.63 14618 (AMAZON-AES)
1 54.230.202.248 16509 (AMAZON-02)
4 35.188.71.214 15169 (GOOGLE)
7 172.217.21.226 15169 (GOOGLE)
2 2.18.235.93 16625 (AKAMAI-AS)
3 2a03:2880:f02... 32934 (FACEBOOK)
3 2a03:2880:f12... 32934 (FACEBOOK)
15 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
3 3 2a00:1450:400... 15169 (GOOGLE)
1 54.230.202.109 16509 (AMAZON-02)
2 52.45.228.133 14618 (AMAZON-AES)
2 2a02:fa8:8806... 41041 (VCLK-EU-)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
3 7 173.241.240.220 36089 (OPENX-AS1)
2 34.205.245.130 14618 (AMAZON-AES)
5 208.100.17.190 32748 (STEADFAST)
4 151.101.13.108 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.111.230.142 16625 (AKAMAI-AS)
2 173.241.240.143 36089 (OPENX-AS1)
264 36
1    104.20.59.209 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.bleepingcomputer.com
7    2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
30    104.24.1.61 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.bleepstatic.com
10    2a04:4e42:1b::645 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)
cdn.connatix.com
cdns.connatix.com
ck.connatix.com
i.connatix.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
3    2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cse.google.com
13    2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
www.googletagservices.com
googleads.g.doubleclick.net
2    2.21.36.164 (France)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-21-36-164.deploy.static.akamaitechnologies.com
s9.addthis.com
v1.addthisedge.com
2    2606:4700:20::6819:bf72 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
a.pub.network
10    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2600:9000:200d:7a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
quantcast.mgr.consensu.org
3    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2600:9000:200d:bc00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
static.quantcast.mgr.consensu.org
1    18.207.76.63 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-207-76-63.compute-1.amazonaws.com
core.connatix.com
1    54.230.202.248 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-202-248.fra50.r.cloudfront.net
privacy-api-gateway.quantcast.com
4    35.188.71.214 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 214.71.188.35.bc.googleusercontent.com
d.pub.network
7    172.217.21.226 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2.18.235.93 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
hbx.media.net
3    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
3    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
15    2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
16    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cdn.ampproject.org
3    2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    54.230.202.109 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-202-109.fra50.r.cloudfront.net
api.quantcast.mgr.consensu.org
2    52.45.228.133 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-45-228-133.compute-1.amazonaws.com
trk.connatix.com
2    2a02:fa8:8806:13::1460 (Sweden)

ASN41041 (VCLK-EU-, SE)
web.hb.ad.cpe.dotomi.com
4    2606:4700:10::6814:8428 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
i.connectad.io
cdn.connectad.io
7    173.241.240.220 (Amsterdam, Netherlands)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-220.xa.dc.openx.org
connatix-d.openx.net
2    34.205.245.130 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-205-245-130.compute-1.amazonaws.com
sync.bfmio.com
5    208.100.17.190 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip190.208-100-17.static.steadfastdns.net
de.tynt.com
4    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
acdn.adnxs.com
2    2606:4700::6812:1bef (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.districtm.io
1    104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    173.241.240.143 (Amsterdam, Netherlands)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org
u.openx.net
Apex Domain
Subdomains		 Transfer
30 bleepstatic.com
www.bleepstatic.com
380 KB
20 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com Failed
299 KB
16 ampproject.org
cdn.ampproject.org
398 KB
13 doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net Failed
112 KB
13 connatix.com
cdn.connatix.com
cdns.connatix.com
ck.connatix.com
core.connatix.com
rtb.connatix.com Failed
i.connatix.com
trk.connatix.com
680 KB
10 gstatic.com
fonts.gstatic.com
109 KB
9 openx.net
connatix-d.openx.net Failed
freestar-d.openx.net Failed
u.openx.net
3 KB
8 google.com
www.google.com
cse.google.com
adservice.google.com
2 KB
7 googleapis.com
fonts.googleapis.com
5 KB
6 pub.network
a.pub.network
d.pub.network
c.pub.network Failed
217 KB
5 tynt.com
de.tynt.com
4 adnxs.com
ib.adnxs.com Failed
acdn.adnxs.com
4 connectad.io
i.connectad.io
cdn.connectad.io
915 B
4 consensu.org
quantcast.mgr.consensu.org
static.quantcast.mgr.consensu.org
audit.quantcast.mgr.consensu.org Failed
api.quantcast.mgr.consensu.org
93 KB
3 facebook.com
www.facebook.com
445 B
3 facebook.net
connect.facebook.net
77 KB
3 googletagservices.com
www.googletagservices.com
67 KB
2 districtm.io
dmx.districtm.io Failed
cdn.districtm.io
2 dotomi.com
web.hb.ad.cpe.dotomi.com
1 KB
2 bfmio.com
display.bfmio.com Failed
sync.bfmio.com
2 media.net
hbx.media.net
7 KB
2 google-analytics.com
www.google-analytics.com
17 KB
1 addthisedge.com
v1.addthisedge.com
924 B
1 rubiconproject.com
fastlane.rubiconproject.com Failed
eus.rubiconproject.com
1 quantcast.com
privacy-api-gateway.quantcast.com
81 KB
1 google.de
adservice.google.de
171 B
1 addthis.com
s9.addthis.com
s7.addthis.com Failed
110 KB
1 googletagmanager.com
www.googletagmanager.com
25 KB
1 bleepingcomputer.com
www.bleepingcomputer.com
14 KB
0 brealtime.com Failed
biddr.brealtime.com Failed
edba.brealtime.com Failed
0 33across.com Failed
ssc.33across.com Failed
0 sharethrough.com Failed
btlr.sharethrough.com Failed
0 gumgum.com Failed
g2.gumgum.com Failed
0 3lift.com Failed
tlx.3lift.com Failed
ib.3lift.com Failed
0 emxdgt.com Failed
hb.emxdgt.com Failed
0 ntv.io Failed
s.ntv.io Failed
0 scorecardresearch.com Failed
sb.scorecardresearch.com Failed
0 quantserve.com Failed
secure.quantserve.com Failed
0 fastly.net Failed
confiant-integrations.global.ssl.fastly.net Failed
0 videoplayerhub.com Failed
freestar-io.videoplayerhub.com Failed
264 40
Domain Requested by
30 www.bleepstatic.com www.bleepingcomputer.com
cdn.connatix.com
www.bleepstatic.com
pagead2.googlesyndication.com
16 cdn.ampproject.org securepubads.g.doubleclick.net
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.bleepingcomputer.com
10 fonts.gstatic.com www.bleepingcomputer.com
www.bleepstatic.com
7 connatix-d.openx.net cdns.connatix.com
www.bleepingcomputer.com
7 i.connatix.com www.bleepingcomputer.com
7 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.bleepingcomputer.com
7 fonts.googleapis.com www.bleepingcomputer.com
securepubads.g.doubleclick.net
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.bleepingcomputer.com
6 www.google.com 4 redirects www.bleepingcomputer.com
5 de.tynt.com a.pub.network
5 pagead2.googlesyndication.com www.bleepingcomputer.com
pagead2.googlesyndication.com
4 acdn.adnxs.com a.pub.network
4 d.pub.network a.pub.network
3 www.facebook.com www.bleepingcomputer.com
connect.facebook.net
3 connect.facebook.net a.pub.network
connect.facebook.net
3 www.googletagservices.com pagead2.googlesyndication.com
a.pub.network
securepubads.g.doubleclick.net
2 u.openx.net a.pub.network
2 cdn.districtm.io a.pub.network
2 sync.bfmio.com a.pub.network
2 cdn.connectad.io a.pub.network
2 i.connectad.io a.pub.network
2 web.hb.ad.cpe.dotomi.com a.pub.network
2 trk.connatix.com www.bleepingcomputer.com
2 hbx.media.net a.pub.network
hbx.media.net
2 static.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
2 www.google-analytics.com www.googletagmanager.com
www.bleepingcomputer.com
2 a.pub.network www.bleepingcomputer.com
a.pub.network
1 eus.rubiconproject.com a.pub.network
1 v1.addthisedge.com s9.addthis.com
1 api.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 privacy-api-gateway.quantcast.com quantcast.mgr.consensu.org
1 core.connatix.com cdns.connatix.com
1 ck.connatix.com cdns.connatix.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 quantcast.mgr.consensu.org www.bleepstatic.com
1 cdns.connatix.com cdn.connatix.com
1 s9.addthis.com www.bleepingcomputer.com
1 cse.google.com www.bleepingcomputer.com
1 www.googletagmanager.com www.bleepingcomputer.com
1 cdn.connatix.com www.bleepingcomputer.com
1 www.bleepingcomputer.com
0 s7.addthis.com Failed s9.addthis.com
0 edba.brealtime.com Failed www.bleepingcomputer.com
0 ib.3lift.com Failed a.pub.network
0 biddr.brealtime.com Failed a.pub.network
0 cm.g.doubleclick.net Failed www.bleepingcomputer.com
0 ib.adnxs.com Failed a.pub.network
0 freestar-d.openx.net Failed a.pub.network
0 ssc.33across.com Failed a.pub.network
0 dmx.districtm.io Failed a.pub.network
0 btlr.sharethrough.com Failed a.pub.network
0 fastlane.rubiconproject.com Failed a.pub.network
0 g2.gumgum.com Failed a.pub.network
0 display.bfmio.com Failed a.pub.network
0 tlx.3lift.com Failed a.pub.network
0 hb.emxdgt.com Failed a.pub.network
0 rtb.connatix.com Failed cdns.connatix.com
0 c.pub.network Failed a.pub.network
0 s.ntv.io Failed a.pub.network
0 sb.scorecardresearch.com Failed a.pub.network
0 secure.quantserve.com Failed a.pub.network
0 confiant-integrations.global.ssl.fastly.net Failed a.pub.network
0 freestar-io.videoplayerhub.com Failed a.pub.network
0 audit.quantcast.mgr.consensu.org Failed static.quantcast.mgr.consensu.org
264 66
Subject Issuer Validity Valid
bleepingcomputer.com
COMODO RSA Domain Validation Secure Server CA		 2018-05-12 -
2020-05-17		 2 years crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
ssl391376.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-06-20 -
2019-12-27		 6 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2018-08-20 -
2019-10-19		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2019-06-06 -
2020-09-04		 a year crt.sh
ssl376957.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-07-09 -
2020-01-15		 6 months crt.sh
quantcast.mgr.consensu.org
Amazon		 2019-05-06 -
2020-06-06		 a year crt.sh
*.quantcast.com
DigiCert SHA2 High Assurance Server CA		 2018-09-06 -
2019-10-01		 a year crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2		 2019-02-09 -
2020-05-16		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2018-12-30 -
2020-03-30		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-06-06 -
2019-09-04		 3 months crt.sh
tpc.googlesyndication.com
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
misc-sni.google.com
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
www.google.com
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign Organization Validation CA - SHA256 - G2		 2018-05-25 -
2020-05-25		 2 years crt.sh
connectad.io
CloudFlare Inc ECC CA-2		 2018-08-18 -
2019-08-18		 a year crt.sh
*.openx.net
DigiCert ECC Secure Server CA		 2019-02-08 -
2020-05-12		 a year crt.sh
*.bfmio.com
Go Daddy Secure Certificate Authority - G2		 2016-09-05 -
2019-09-05		 3 years crt.sh
*.tynt.com
COMODO RSA Domain Validation Secure Server CA		 2014-10-14 -
2019-10-13		 5 years crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-16 -
2020-05-16		 a year crt.sh
districtm.io
CloudFlare Inc ECC CA-2		 2019-03-26 -
2020-03-26		 a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-02-13 -
2021-02-17		 2 years crt.sh

This page contains 36 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Frame ID: 1CCAB2D95CC6439473D0DA2E766A30EE
Requests: 170 HTTP requests in this frame

Frame: https://cdns.connatix.com/p/1617/min/connatix.renderer.infeed.min_dc.js
Frame ID: FA2782B05F1669875BBD04B7BCB67D72
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190710/r20190131/show_ads_impl.js
Frame ID: EA59B66CA49FA95B5C05CFF7EE5B37E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190710/r20190131/zrt_lookup.html
Frame ID: 37E492B962AA703E96CBAEA08BC3FA1C
Requests: 1 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v22/cmp-3pc-check.html
Frame ID: 1C852B97294933AB9BD804B7F6CC2FF0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1563219289&rafmt=9&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1563232862876&bpp=9&bdt=206&fdt=72&idt=72&shv=r20190710&cbv=r20190131&saldr=aa&abxe=1&correlator=717368436602&frm=20&pv=2&ga_vid=1282756283.1563232863&ga_sid=1563232863&ga_hid=1770032646&ga_fc=0&iag=0&icsg=137441583104&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=5174&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061796%2C21063904%2C21063397&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=3733268371&ifi=1&uci=1.n4qmrbn5at6j&fsb=1&xpc=R9b6Tr893F&p=https%3A//www.bleepingcomputer.com&dtd=86
Frame ID: DBE8A7A409E5D14798604E13C1E21FFB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1563219289&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1563232862885&bpp=4&bdt=216&fdt=91&idt=91&shv=r20190710&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=717368436602&frm=20&pv=1&ga_vid=1282756283.1563232863&ga_sid=1563232863&ga_hid=1770032646&ga_fc=0&iag=0&icsg=2336464838656&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061796%2C21063904%2C21063397&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=2001182872&ifi=1&uci=1.apuluztbxptm&fsb=1&dtd=100
Frame ID: A86BDA206CB217DB8388D191882D44EC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Frame ID: 25FB81F39DAFA219C675E1F573A7C406
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Frame ID: AC134D2226A26A5E8C8F8489AE0DBEB7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/031907091704050/amp4ads-v0.js
Frame ID: 56CE62D087A59C5ADC6D1FC4E4BB66DC
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Frame ID: 8E30F1B1BD2181ABC25AC658385B442F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/031907091704050/amp4ads-v0.js
Frame ID: 2D322D6E699788C7C83FAEEA27FFCF46
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvu4N4bVJcE0_DtEOBUvw9WyAJL8cf0MYa2orORs5Ci_n1wZB0ciyyg0Tcup_Hef9idFXU6arF396rEgrkedLe66UuSdGNso81yQB3h8CppdHmf9xiYmhQmkrDY7Bdhb7zxotpECPj0-6jSsEkgPGYPuy9Z1DP2bBwfab1PUSc2pNV68jTaRzFxtssZea1mjFG4P5dE12vxhZpXKJRK8wVmFkET2GcQ030yLg6TA9uKptYls2quEl_zTJ0tRX2s0kqOzDxwEfULwG-WgAedirmPn36Q0Vk56PI_&sig=Cg0ArKJSzCmwng6D_ukiEAE&urlfix=1&adurl=
Frame ID: 3BFF119E634856F0826099DE57458CD3
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/031907091704050/amp4ads-v0.js
Frame ID: A1EB85A6D1E01623F3E9086141B47CB5
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8B3B9B7EFEA386992A11E0DB47B9D055
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: B9B7F378E54A47806C989D8C1B8063E3
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=92fd6b68-fe21-44c5-bce8-6f519808339c&gdpr=0&gc=&gce=1
Frame ID: 0F3BBC77D3F1956528269742AFF9A343
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ddRMkSZxSr6lrlaKkv7mNO
Frame ID: 0A23ED321CB169C1007D76FD27772127
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: BCB57E33C505C09FD0786235925526BA
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dxLHU2ZxSr6lrlaKkv7mNO
Frame ID: 8521C8EAE5061C1F40D16639CD5BE0B9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: EEB6513A3AF5C73A1336B714F78EE3A9
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 1B7E0C0245018505B0C44A18735BD612
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 60364D7C29DA7DC93A330E7F6E95AB2C
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cMP4reZxWr6jPmaKlId8sQ
Frame ID: 2766ADA022402B6145008382B228964A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 5BB0A6BE8FF7B368F4EB0C06CE7F0CC3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 3E76ED7ECBCE4F425368C685B7CDE30C
Requests: 1 HTTP requests in this frame

Frame: https://ib.3lift.com/sync
Frame ID: C5AA5E9BC28BF15822F410C1E7709EE7
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 3AF19F46F75F3856C1CC0C50E0A5E38A
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 0787364C50BE3FEC1389ACF5BD5F31C0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 7B05FB05B39934D80DDD2D97C86E5EB9
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=bzPstcZxSr6lrlaKkv7mNO
Frame ID: BD512FC1549B9FD67A8DF17C2A97F867
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=bBb-SI6fGr6iocaKkv7mNO
Frame ID: A61922BD2B4321FD8DCE44650DC8B01F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 34E1C99067118D1BE03A43EFC676838B
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=92fd6b68-fe21-44c5-bce8-6f519808339c&gdpr=0&gc=&gce=1
Frame ID: A181121459104A9C386849217900A28F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: DCFF45D86271B0351A4E518C31388DFA
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C10000&https=1&gdpr=1&gdprconsent=2
Frame ID: 5F3DEE8EE91F2245745B41A2EA6D5C5E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

New DoppelPaymer Ransomware Emerges from BitPaymer's CodeFacebookTwitterLinkedInEmail

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

264
Requests

64 %
HTTPS

56 %
IPv6

40
Domains

66
Subdomains

36
IPs

7
Countries

2696 kB
Transfer

6690 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 302
  • https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
Request Chain 138
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 139
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 140
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 235
  • https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=15e2ea190aa7ce059c881563232877440&vwd=834&vht=470&gdpr=1&gdpr_consent=0 HTTP 302
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=15e2ea190aa7ce059c881563232877440&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Request Chain 236
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=15e2ea190aa7ce059c881563232877440&vwd=834&vht=470&gdpr=1&gdpr_consent=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 262
  • https://connatix-d.openx.net/v/1.0/av?auid=540193947&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=ef41c3a8983c9ab224bf1563232880753&vwd=834&vht=470&gdpr=1&gdpr_consent=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

264 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/ 		65 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fa3ce4f428af06e7f41bd1733d2964b04260f03ce0e9fd7cacb6ff6d067b1ac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.bleepingcomputer.com
:scheme
https
:path
/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 15 Jul 2019 23:21:02 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d8be7452b1bfa931313512753e0e7cd941563232862; expires=Tue, 14-Jul-20 23:21:02 GMT; path=/; domain=.bleepingcomputer.com; HttpOnly session_id=a96aacf9ce888896819522a695c56ef6; path=/; domain=.bleepingcomputer.com; httponly;Secure lav=6387; expires=Wed, 14-Aug-2019 23:21:02 GMT; Max-Age=2592000; path=/;Secure
content-security-policy
upgrade-insecure-requests;
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
last-modified
Mon, 15 Jul 2019 19:34:49 GMT
vary
Accept-Encoding,User-Agent
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4f6f786c68a99c4b-AMS
content-encoding
br
css
fonts.googleapis.com/ 		14 KB
897 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e1ed25f4abd181e54349b19a94bd563692385ef339df2540abbee5638ccb3765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 15 Jul 2019 23:21:02 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 15 Jul 2019 23:21:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 15 Jul 2019 23:21:02 GMT
bootstrap.css
www.bleepstatic.com/css/redesign/ 		111 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/bootstrap.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
br
cf-cache-status
HIT
age
586414
cf-polished
origSize=137522
status
200
cf-bgj
minify
last-modified
Fri, 23 Sep 2016 14:33:06 GMT
server
cloudflare
etag
W/"2184297232"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4f6f7870188a9c1b-AMS
expires
Tue, 26 Mar 2019 04:25:05 GMT
main.css
www.bleepstatic.com/css/redesign/ 		51 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
br
cf-cache-status
HIT
age
1623388
cf-polished
origSize=60842
status
200
cf-bgj
minify
last-modified
Thu, 16 Aug 2018 15:28:40 GMT
server
cloudflare
etag
W/"4249134023"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4f6f7870188e9c1b-AMS
expires
Thu, 14 Mar 2019 04:21:16 GMT
home.css
www.bleepstatic.com/css/redesign/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/home.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
br
cf-cache-status
HIT
age
437662
cf-polished
origSize=14998
status
200
cf-bgj
minify
last-modified
Sat, 24 Mar 2018 16:18:00 GMT
server
cloudflare
etag
W/"2402535603"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4f6f7870188c9c1b-AMS
expires
Wed, 27 Mar 2019 21:45:08 GMT
news.css
www.bleepstatic.com/css/redesign/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/news.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6d4ea4e2f95dcd77bc3acb8408f8ed9c2d9453aeafef8af9387b04e6c9a8ff9

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
br
cf-cache-status
HIT
age
2202034
cf-polished
origSize=32748
status
200
cf-bgj
minify
last-modified
Mon, 28 Jan 2019 20:41:57 GMT
server
cloudflare
etag
W/"3696970514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4f6f7870188b9c1b-AMS
expires
Thu, 20 Jun 2019 11:39:31 GMT
jquery-1.11.1.min.js
www.bleepstatic.com/js/redesign/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/jquery-1.11.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2015 12:36:44 GMT
server
cloudflare
age
368796
etag
W/"3647451394"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=3024000
cf-ray
4f6f7870188f9c1b-AMS
access-control-allow-origin
*
expires
Thu, 28 Mar 2019 16:53:04 GMT
news.js
www.bleepstatic.com/js/redesign/ 		183 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/news.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
br
cf-cache-status
HIT
age
1015561
cf-polished
origSize=247
status
200
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 15:41:46 GMT
server
cloudflare
etag
W/"4218930423"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4f6f787018909c1b-AMS
expires
Thu, 21 Mar 2019 05:10:14 GMT
connatix.renderer.infeed.min.js
cdn.connatix.com/min/ 		957 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Varnish /
Resource Hash
a194b8a4eb3dca8999a301fcbb5f5e8608ca5cbcf0af0448fb67827ef77a3571

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
via
1.1 varnish
server
Varnish
age
0
x-cache
HIT
content-type
application/javascript
status
200
cache-control
no-cache, no-store, must-revalidate, max-age=0
x-cache-hits
0
accept-ranges
bytes
x-timer
S1563232863.691951,VS0,VE0
content-length
957
retry-after
0
x-served-by
cache-hhn4070-HHN
qc-consent.js
www.bleepstatic.com/js/qc-consent/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
br
cf-cache-status
HIT
age
508123
cf-polished
origSize=3848
status
200
cf-bgj
minify
last-modified
Thu, 07 Feb 2019 13:49:44 GMT
server
cloudflare
etag
W/"3981350888"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4f6f787038a49c1b-AMS
expires
Wed, 27 Mar 2019 02:09:12 GMT
js
www.googletagmanager.com/gtag/ 		65 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ae3d9908190751ed5b60125bc728a480caa63e16550f72fb6b4dbb49f66bd3e4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
br
last-modified
Mon, 15 Jul 2019 22:06:17 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25677
x-xss-protection
0
expires
Mon, 15 Jul 2019 23:21:02 GMT
logo.png
www.bleepstatic.com/images/site/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/logo.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
cf-cache-status
HIT
age
337355
cf-polished
origFmt=png, origSize=1882
status
200
content-disposition
inline; filename="logo.webp"
cf-bgj
imgq:85
content-length
1152
last-modified
Sat, 04 Mar 2017 04:12:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4f6f787078cb9c1b-AMS
expires
Sun, 11 Aug 2019 01:38:27 GMT
brand
cse.google.com/coop/cse/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
pfe /
Resource Hash
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:00:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
pfe
age
1211
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
1181
x-xss-protection
0
expires
Mon, 15 Jul 2019 23:30:51 GMT

Redirect headers

date
Mon, 15 Jul 2019 23:21:02 GMT
x-content-type-options
nosniff
server
sffe
location
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
266
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e4b566a42a389c7278cab9a7c7a0a2d49ee27df3d5be9d006137230d84cb52a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
34254
x-xss-protection
0
server
cafe
etag
17491545091033671318
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 15 Jul 2019 23:21:02 GMT
twitter.png
www.bleepstatic.com/images/site/login/ 		475 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login/twitter.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9278e008fc4edcd157a9a7b3f5dfbd75c167f405d11296e19c313dc5d052cc2

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
age
1900960
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4f6f787078cd9c1b-AMS
access-control-allow-origin
*
content-length
475
expires
Fri, 24 May 2019 23:15:26 GMT
bootstrap.js
www.bleepstatic.com/js/redesign/ 		44 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
br
cf-cache-status
HIT
age
410736
cf-polished
origSize=65813
status
200
cf-bgj
minify
last-modified
Thu, 23 Apr 2015 12:36:43 GMT
server
cloudflare
etag
W/"3930092018"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4f6f787078cf9c1b-AMS
expires
Thu, 28 Mar 2019 05:13:57 GMT
blazy.min.js
www.bleepstatic.com/js/blazy/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Aug 2018 21:06:19 GMT
server
cloudflare
age
398889
etag
W/"753357888"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=3024000
cf-ray
4f6f787038a59c1b-AMS
access-control-allow-origin
*
expires
Thu, 28 Mar 2019 08:32:18 GMT
bleep.js
www.bleepstatic.com/js/redesign/ 		3 KB
932 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bleep.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
br
cf-cache-status
HIT
age
930464
cf-polished
origSize=3600
status
200
cf-bgj
minify
last-modified
Mon, 01 Oct 2018 12:47:57 GMT
server
cloudflare
etag
W/"2696894447"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4f6f787078d09c1b-AMS
expires
Fri, 22 Mar 2019 04:49:09 GMT
jquery.fancybox.js
www.bleepstatic.com/js/redesign/fancybox/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
br
cf-cache-status
HIT
age
669139
cf-polished
origSize=48706
status
200
cf-bgj
minify
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"327140449"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4f6f787078d19c1b-AMS
expires
Mon, 25 Mar 2019 04:42:04 GMT
fixto.min.js
www.bleepstatic.com/js/fixto/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 13 Jun 2015 21:34:42 GMT
server
cloudflare
age
1013747
etag
W/"1740214911"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=3024000
cf-ray
4f6f787078c99c1b-AMS
access-control-allow-origin
*
expires
Thu, 21 Mar 2019 05:36:11 GMT
addthis_widget.js
s9.addthis.com/js/300/ 		344 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s9.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5e4fc2a9f143ce79202a0978e34d48650075032ba6be805e1219cbe2f6d25a80

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:18 GMT
content-encoding
gzip
last-modified
Tue, 25 Jun 2019 19:16:58 GMT
etag
"5d12732a-56165"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
status
200
cache-control
public, max-age=600
x-host
s9.addthis.com
accept-ranges
bytes
pubfig.min.js
a.pub.network/bleepingcomputer-com/ 		429 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:bf72 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf5081f20d36f166d60ab798305a57e96fb36f099e89453550dd570d30d9ee31

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
status
200
x-guploader-uploadid
AEnB2UqIQI-oPEQSAeBOQo9G2uU8or9737j-onB6wNLXKQiiZHvtbPNmTN8vYpcfaEaaryrhu4sdS1dObjE6KqIv2l-3sGxVaQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Fri, 12 Jul 2019 17:05:29 GMT
server
cloudflare
etag
W/"4542644457f39d2649023e01c5c18f86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=q+d6PA==, md5=RUJkRFfznSZJAj4BxcGPhg==
content-type
application/javascript
x-goog-generation
1562951129654234
cache-control
public, max-age=1800
x-goog-stored-content-length
439326
cf-ray
4f6f7870ba0964eb-FRA
expires
Mon, 15 Jul 2019 23:51:03 GMT
login_bg.png
www.bleepstatic.com/images/site/ 		187 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login_bg.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
46f054a5c98b253c46ff84547ce118625668349700a0730724df4bb25bcf5f78

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
age
1894380
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4f6f787078d99c1b-AMS
access-control-allow-origin
*
content-length
187
expires
Sat, 25 May 2019 01:06:01 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 09 Jul 2019 05:49:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:33 GMT
server
sffe
age
581487
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Wed, 08 Jul 2020 05:49:35 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com

Response headers

date
Thu, 13 Jun 2019 22:52:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:03 GMT
server
sffe
age
2766511
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
0
expires
Fri, 12 Jun 2020 22:52:31 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
nav_bg.png
www.bleepstatic.com/images/site/ 		83 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/nav_bg.png
Requested by
Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6d408ceb31cfae3d3d87971b82e522a331aa2eb042a793223b7ec19e419c564

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 07:57:02 GMT
server
cloudflare
age
1898150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4f6f787088e39c1b-AMS
access-control-allow-origin
*
content-length
83
expires
Fri, 24 May 2019 23:57:34 GMT
connatix.renderer.infeed.min_dc.js
cdns.connatix.com/p/1617/min/ Frame FA27 		714 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdns.connatix.com/p/1617/min/connatix.renderer.infeed.min_dc.js
Requested by
Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
4d38cc8a80265589fbba64d602ec8a68c232210fe1f0f1af845b9119609367a6

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
gzip
age
7429
x-cache
MISS, HIT
status
200
content-length
189201
via
1.1 varnish, 1.1 varnish
x-served-by
cache-dca17727-DCA, cache-hhn4070-HHN
last-modified
Mon, 15 Jul 2019 21:16:29 GMT
x-timer
S1563232863.805604,VS0,VE0
etag
"e6b8b5a743313df06b086b73db7e3c81"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
0, 522
cmp.js
quantcast.mgr.consensu.org/ 		143 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:7a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fd978e8be22f136218af942148e275058414253ea503b46b6074f315aa300a8

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:06:25 GMT
content-encoding
gzip
last-modified
Thu, 11 Jul 2019 19:11:05 GMT
server
AmazonS3
age
1481
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA50
x-amz-cf-id
bVULCQu05zZhpfDxAWtmY5C-WVRwu_M8lNwkf4cAfP1yKmMO_HjrYg==
via
1.1 aac86dd0bb06b97ef178f97d0c65ee5f.cloudfront.net (CloudFront)
20x20-printer.png
www.bleepstatic.com/images/site/ 		422 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
cf-cache-status
HIT
age
365119
cf-polished
origFmt=png, origSize=824
status
200
content-disposition
inline; filename="20x20-printer.webp"
cf-bgj
imgq:85
content-length
422
last-modified
Sat, 03 Oct 2015 03:18:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4f6f787098eb9c1b-AMS
expires
Sat, 10 Aug 2019 17:55:43 GMT
calendar.png
www.bleepstatic.com/images/site/ 		129 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/calendar.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
61cb7a1fefe87904c7b02aa16c88d4b42805526d63f9d20f2f797380713e4577

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
age
1298765
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4f6f787098ed9c1b-AMS
access-control-allow-origin
*
content-length
129
expires
Fri, 31 May 2019 22:31:50 GMT
clock.png
www.bleepstatic.com/images/site/ 		252 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/clock.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
cf-cache-status
HIT
age
342747
cf-polished
origFmt=png, origSize=1316
status
200
content-disposition
inline; filename="clock.webp"
cf-bgj
imgq:85
content-length
252
last-modified
Fri, 29 May 2015 07:08:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4f6f787098ee9c1b-AMS
expires
Sun, 11 Aug 2019 00:08:35 GMT
comment-light.png
www.bleepstatic.com/images/site/ 		96 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/comment-light.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
cf-cache-status
HIT
age
1126753
cf-polished
origFmt=png, origSize=1034
status
200
content-disposition
inline; filename="comment-light.webp"
cf-bgj
imgq:85
content-length
96
last-modified
Fri, 29 May 2015 07:08:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4f6f787098ef9c1b-AMS
expires
Thu, 01 Aug 2019 22:21:49 GMT
32x32-printer.png
www.bleepstatic.com/images/site/ 		256 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
cf-cache-status
HIT
age
342984
cf-polished
origFmt=png, origSize=618
status
200
content-disposition
inline; filename="32x32-printer.webp"
cf-bgj
imgq:85
content-length
256
last-modified
Fri, 02 Oct 2015 21:57:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4f6f787098f09c1b-AMS
expires
Sun, 11 Aug 2019 00:04:38 GMT
f6ed52794113bed991ef57a9029d9e70.jpg
www.bleepstatic.com/author/photos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/author/photos/f6ed52794113bed991ef57a9029d9e70.jpg
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5cdcb6c15e64a5c414ce8c8726bb1c9b57e7dfeae98b6099dfd280ba633418c

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
cf-cache-status
HIT
age
149658
cf-polished
degrade=85, origSize=52423, status=webp_bigger
status
200
cf-bgj
imgq:85
content-length
7067
last-modified
Wed, 08 Aug 2018 21:58:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4f6f787098f19c1b-AMS
expires
Fri, 14 Jun 2019 05:36:57 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com

Response headers

date
Sun, 02 Jun 2019 21:49:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:14:42 GMT
server
sffe
age
3720710
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Mon, 01 Jun 2020 21:49:12 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 09 Jul 2019 01:47:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:38 GMT
server
sffe
age
596037
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Wed, 08 Jul 2020 01:47:05 GMT
h4-bg.png
www.bleepstatic.com/images/site/ 		72 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/h4-bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bb3aaeb6bd2ba6d6c88f1497a5b86b2dba5ed0a39dcdbe82ee94dd06990e146

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
age
1897739
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4f6f7870a8fa9c1b-AMS
access-control-allow-origin
*
content-length
72
expires
Sat, 25 May 2019 00:08:06 GMT
news_email_icon.png
www.bleepstatic.com/images/site/ 		126 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/news_email_icon.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a

Request headers

Referer
https://www.bleepstatic.com/css/redesign/home.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
cf-cache-status
HIT
age
361752
cf-polished
origFmt=png, origSize=1105
status
200
content-disposition
inline; filename="news_email_icon.webp"
cf-bgj
imgq:85
content-length
126
last-modified
Fri, 29 May 2015 07:10:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4f6f7870a8fb9c1b-AMS
expires
Sat, 10 Aug 2019 18:51:50 GMT
news_footer_icon.png
www.bleepstatic.com/images/site/ 		186 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/news_footer_icon.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
371e60eaea3df0bf53403a81ca0d49fad4e0c08dca679cf6a85300da15bf3208

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
age
1993143
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4f6f7870a8fe9c1b-AMS
access-control-allow-origin
*
content-length
186
expires
Thu, 23 May 2019 21:41:26 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190710/r20190131/ 		212 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190710/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
9c05cfb713974cb4ec97e0175d492fa270aa34401a1fca792f5b7a2d99389c49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
80389
x-xss-protection
0
server
cafe
etag
978010718201408706
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jul 2019 23:21:02 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190710/r20190131/ Frame EA59 		212 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190710/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
9c05cfb713974cb4ec97e0175d492fa270aa34401a1fca792f5b7a2d99389c49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
80389
x-xss-protection
0
server
cafe
etag
978010718201408706
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jul 2019 23:21:02 GMT
ca-pub-0920899300397823.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		108 B
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-0920899300397823.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
617229202229089622770a111fef4f514877475b89056525185a70e0cbc5bc95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 22:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 14 Jul 2019 19:25:30 GMT
server
sffe
age
1869
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
118
x-xss-protection
0
expires
Tue, 16 Jul 2019 10:49:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190710/r20190131/ Frame 37E4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190710/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190710/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 10 Jul 2019 21:21:55 GMT
expires
Wed, 24 Jul 2019 21:21:55 GMT
content-type
text/html; charset=UTF-8
etag
6832606795824562093
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
7008
x-xss-protection
0
cache-control
public, max-age=1209600
age
439147
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
g
ck.connatix.com/ 		46 B
103 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ck.connatix.com/g?callback=cnxJSONP_2065e40f489b31c1cc931563232862903
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1617/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Varnish /
Resource Hash
c927369057a524a2ba2bc24ffa545a5b49996b9e4aac8f16bbf2e5648bdd5806

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
via
1.1 varnish
server
Varnish
age
0
x-cache
HIT
status
200
cache-control
no-cache, no-store, must-revalidate, max-age=0
x-cache-hits
0
accept-ranges
bytes
x-timer
S1563232863.924750,VS0,VE0
content-length
46
retry-after
0
x-served-by
cache-hhn4070-HHN
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
6803
date
Mon, 15 Jul 2019 21:27:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17707
expires
Mon, 15 Jul 2019 23:27:39 GMT
0_DoppelPaymer.jpg
www.bleepstatic.com/content/posts/2019/07/15/ 		249 KB
250 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/posts/2019/07/15/0_DoppelPaymer.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e45c1792035ac701eb39dfc38c66d23c4e9a996601744d7836ac4795b554ef53

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
cf-cache-status
HIT
age
20670
cf-polished
qual=85, origFmt=jpeg, origSize=433860
status
200
content-disposition
inline; filename="0_DoppelPaymer.webp"
cf-bgj
imgq:85
content-length
255342
last-modified
Mon, 15 Jul 2019 17:31:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4f6f7871496e9c1b-AMS
expires
Wed, 14 Aug 2019 17:36:32 GMT
292x176_DNS.jpg
www.bleepstatic.com/content/posts/2019/07/14/thumb/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/posts/2019/07/14/thumb/292x176_DNS.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d06600ce7303bd79f6fece227be128052e9edfeece7d47574b0746ca29df132a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
cf-cache-status
HIT
age
69651
cf-polished
origSize=14897, status=webp_bigger
status
200
cf-bgj
imgq:85
content-length
14203
last-modified
Sun, 14 Jul 2019 14:59:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4f6f7871496f9c1b-AMS
expires
Wed, 14 Aug 2019 04:00:10 GMT
292x176_header-image.jpg
www.bleepstatic.com/content/hl-images/2019/03/29/thumb/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2019/03/29/thumb/292x176_header-image.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c32bd38d17b9c3ab4a8d3d3d8b5755831d3c6cf464d83bc9d21197761d6ff9c6

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
cf-cache-status
HIT
age
69651
cf-polished
qual=85, origFmt=jpeg, origSize=6787
status
200
content-disposition
inline; filename="292x176_header-image.webp"
cf-bgj
imgq:85
content-length
5558
last-modified
Fri, 29 Mar 2019 21:49:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
4f6f787149709c1b-AMS
expires
Wed, 14 Aug 2019 04:00:10 GMT
jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
br
cf-cache-status
HIT
age
364469
cf-polished
origSize=4895
status
200
cf-bgj
minify
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"9108074"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4f6f787159729c1b-AMS
expires
Thu, 28 Mar 2019 18:04:30 GMT
font-awesome.css
www.bleepstatic.com/css/redesign/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/font-awesome.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.1.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
br
cf-cache-status
HIT
age
1102091
cf-polished
origSize=26776
status
200
cf-bgj
minify
last-modified
Tue, 03 May 2016 04:39:29 GMT
server
cloudflare
etag
W/"1700274315"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
4f6f787159739c1b-AMS
expires
Wed, 03 Jul 2019 05:12:31 GMT
cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v22/ Frame 1C85 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.quantcast.mgr.consensu.org/v22/cmp-3pc-check.html
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:bc00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
static.quantcast.mgr.consensu.org
:scheme
https
:path
/v22/cmp-3pc-check.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
content-type
text/html
content-length
583
last-modified
Thu, 11 Jul 2019 19:11:02 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
server
AmazonS3
date
Mon, 15 Jul 2019 23:10:14 GMT
etag
"2382c3f01978a379e8fa8bc1a3bec605"
age
925
x-cache
Hit from cloudfront
via
1.1 e98abde3c6a5bc27d4bdd4168baa587d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50
x-amz-cf-id
KQ2aoGBlRli-t9oiSkBCU_KN9vb6ot92jl3BgKY1WDHeGBWWH9LndA==
collect
www.google-analytics.com/r/ 		35 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1770032646&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ul=en-us&de=UTF-8&dt=New%20DoppelPaymer%20Ransomware%20Emerges%20from%20BitPaymer%27s%20Code&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1653509959&gjid=1290274959&cid=1282756283.1563232863&tid=UA-91740-1&_gid=645198783.1563232863&_r=1&gtm=2ou7a0&z=769896011
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jul 2019 23:21:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pls
core.connatix.com/ Frame FA27 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://core.connatix.com/pls?callback=jQuery32104650225828967691_1563232862900&token=83c6e833-8c07-474c-b10f-079d46320a80&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&c_v=1617_0_0_0_0&page_guid=5c743c0af69f4b53e2821563232862941&spp=1&_=1563232862901
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1617/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.76.63 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-207-76-63.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
b201bca1ac46038b7aae11a1c7e9bb8af1c9206a05a67e7d35b56602ea9bc832

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 15 Jul 2019 23:21:11 GMT
content-encoding
gzip
server
nginx/1.12.2
access-control-allow-origin
*
ads
googleads.g.doubleclick.net/pagead/ Frame DBE8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1563219289&rafmt=9&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1563232862876&bpp=9&bdt=206&fdt=72&idt=72&shv=r20190710&cbv=r20190131&saldr=aa&abxe=1&correlator=717368436602&frm=20&pv=2&ga_vid=1282756283.1563232863&ga_sid=1563232863&ga_hid=1770032646&ga_fc=0&iag=0&icsg=137441583104&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=5174&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061796%2C21063904%2C21063397&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=3733268371&ifi=1&uci=1.n4qmrbn5at6j&fsb=1&xpc=R9b6Tr893F&p=https%3A//www.bleepingcomputer.com&dtd=86
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190710/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1563219289&rafmt=9&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1563232862876&bpp=9&bdt=206&fdt=72&idt=72&shv=r20190710&cbv=r20190131&saldr=aa&abxe=1&correlator=717368436602&frm=20&pv=2&ga_vid=1282756283.1563232863&ga_sid=1563232863&ga_hid=1770032646&ga_fc=0&iag=0&icsg=137441583104&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=5174&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061796%2C21063904%2C21063397&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=3733268371&ifi=1&uci=1.n4qmrbn5at6j&fsb=1&xpc=R9b6Tr893F&p=https%3A//www.bleepingcomputer.com&dtd=86
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 15 Jul 2019 23:21:03 GMT
server
cafe
content-length
11506
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 15-Jul-2019 23:36:02 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires
Mon, 15 Jul 2019 23:21:03 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190710/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
17c748e24e88ff0243710e65194c2e80dacfb56b12963d4881800055bea3b3a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1563189332429565"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
28153
x-xss-protection
0
expires
Mon, 15 Jul 2019 23:21:02 GMT
fontawesome-webfont.woff
www.bleepstatic.com/fonts/ 		0
0
ads
googleads.g.doubleclick.net/pagead/ Frame A86B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1563219289&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1563232862885&bpp=4&bdt=216&fdt=91&idt=91&shv=r20190710&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=717368436602&frm=20&pv=1&ga_vid=1282756283.1563232863&ga_sid=1563232863&ga_hid=1770032646&ga_fc=0&iag=0&icsg=2336464838656&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061796%2C21063904%2C21063397&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=2001182872&ifi=1&uci=1.apuluztbxptm&fsb=1&dtd=100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190710/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1563219289&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1563232862885&bpp=4&bdt=216&fdt=91&idt=91&shv=r20190710&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=717368436602&frm=20&pv=1&ga_vid=1282756283.1563232863&ga_sid=1563232863&ga_hid=1770032646&ga_fc=0&iag=0&icsg=2336464838656&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061796%2C21063904%2C21063397&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=2001182872&ifi=1&uci=1.apuluztbxptm&fsb=1&dtd=100
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 15 Jul 2019 23:21:02 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 15-Jul-2019 23:36:02 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires
Mon, 15 Jul 2019 23:21:02 GMT
cache-control
private
cmpui-popup.js
static.quantcast.mgr.consensu.org/v22/ 		172 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quantcast.mgr.consensu.org/v22/cmpui-popup.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:bc00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75bcaddf7e2f72e6908bf39b2b5562d2da20b192809795398baca5b26de9ceb2

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:14:36 GMT
content-encoding
gzip
last-modified
Thu, 11 Jul 2019 19:11:01 GMT
server
AmazonS3
age
1191
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-cf-pop
FRA50
x-amz-cf-id
NsJWYU-hzW8lVDfdpiCSrIZkMnQSHAe6jhRunMExKXrZ3CQlN41rTw==
via
1.1 e98abde3c6a5bc27d4bdd4168baa587d.cloudfront.net (CloudFront)
gvl-proxy
privacy-api-gateway.quantcast.com/ 		80 KB
81 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy-api-gateway.quantcast.com/gvl-proxy?version=
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.248 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-248.fra50.r.cloudfront.net
Software
/
Resource Hash
b4468923fadd3156b6126370f0f9d38f737f2d2f75d9b4d519937a30de417f21

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Origin
https://www.bleepingcomputer.com

Response headers

date
Mon, 15 Jul 2019 23:21:07 GMT
via
1.1 3abf650c7bf73e47515000bddf3f05c0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50
x-amzn-requestid
3951b4eb-a757-11e9-bc41-d5a1b0d4f38a
status
200
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-5d2d0a63-bb85adb56d7210f0e9adf814;Sampled=0
x-amz-apigw-id
c46PlFWSPHcFqVg=
content-length
82253
x-amz-cf-id
E6tISCNndPtrNR5acfPNsvKPI1Pttc65n-ZOZjV9pmvjlETUKLpE1w==
/
audit.quantcast.mgr.consensu.org/ 		0
0
cookie
d.pub.network/ 		36 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/cookie
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
25f5b1f0d35e6eb1212aaab69febfd67dba36880559d231b14a1a71c3329413f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Origin
https://www.bleepingcomputer.com

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 15 Jul 2019 23:21:03 GMT
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
gallery.js
freestar-io.videoplayerhub.com/ 		0
0
gpt.js
www.googletagservices.com/tag/js/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d253f9fce2986ee419f6d0c66c1156a5d7b0af556341da6f0782cc726733437
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"222 / 618 of 1000 / last-modified: 1563208114"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
11830
x-xss-protection
0
expires
Mon, 15 Jul 2019 23:21:03 GMT
prebid-analytics-1.33.5.js
a.pub.network/core/ 		323 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-1.33.5.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:bf72 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a6ac1e8519aa132772c1f732514d4a2cbcd2143a90710b7656bc23024b4c85c

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:03 GMT
content-encoding
br
cf-cache-status
MISS
status
200
x-guploader-uploadid
AEnB2Uq-1udm0XYoKdsPIrd4Jagm0XwOhxfvlqXoXW_6wBFDmNhvGhmbaoCYnvNh4JnaetNbd1aL4Diq4emb4kaWf_p1W0_FbQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Wed, 13 Mar 2019 15:07:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=xB2m2g==, md5=LUwj9S7PGmAQITSf93OXew==
content-type
text/html
x-goog-generation
1552489625640716
cache-control
public, max-age=31536000
x-goog-stored-content-length
330336
cf-ray
4f6f7873cbe264eb-FRA
expires
Tue, 14 Jul 2020 23:21:03 GMT
location
d.pub.network/ 		0
0
pubads_impl_2019070801.js
securepubads.g.doubleclick.net/gpt/ 		150 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019070801.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.226 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f2.1e100.net
Software
sffe /
Resource Hash
710bb035af3b6a17b98e7a60f289cbda442b0160707bd4e6b02f9797acda1598
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Jul 2019 13:05:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
56394
x-xss-protection
0
expires
Mon, 15 Jul 2019 23:21:03 GMT
config.js
confiant-integrations.global.ssl.fastly.net/dvS98IKwDukcG6gPDYBBcCk9sKY/gpt_and_prebid/ 		0
0
v2
d.pub.network/floors/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/floors/v2?key=535desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
9e538123f5368d79119763568bcadb4c7e8f84b4def5f15509b6fe8cbfaed86d

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 15 Jul 2019 23:21:04 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
ads
securepubads.g.doubleclick.net/gampad/ 		214 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1446449061855180&correlator=2855318674457903&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21063989&vrg=2019070801&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190715&iu_parts=15184186%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_1x1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%2C1x1%2C300x250%7C300x600&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1563219289&dt=1563232864723&dlt=1563232862670&idt=771&frm=20&biw=1585&bih=1200&oid=3&adxs=429%2C429%2C1075%2C1075%2C261%2C792%2C1075&adys=146%2C5377%2C322%2C1131%2C3954%2C5883%2C1656&adks=960084856%2C976516616%2C771041174%2C2389526111%2C4047242158%2C2635258439%2C523518761&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&dssz=45&icsg=572295813275648&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x120%7C1200x90%7C306x250%7C306x250%7C834x90%7C1585x5883%7C306x250&msz=1170x90%7C1170x90%7C306x250%7C306x250%7C834x90%7C1585x1%7C306x250&blev=1&bisch=1&ga_vid=1282756283.1563232863&ga_sid=1563232863&ga_hid=1770032646&fws=0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.226 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f2.1e100.net
Software
cafe /
Resource Hash
a8113058c3c1bf756f7cc21db6ccaf4942ca0fad6e56e337bab692b9e55ae232
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Origin
https://www.bleepingcomputer.com

Response headers

date
Mon, 15 Jul 2019 23:21:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
31706
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,4893662829,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-1,138254592126,-1
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019070801.js
securepubads.g.doubleclick.net/gpt/ 		67 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.226 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f2.1e100.net
Software
sffe /
Resource Hash
0f5d6a89240be982d4543fcc3b47a049d3ed974efc2276c273eb172fe9176020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Jul 2019 13:05:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
25860
x-xss-protection
0
expires
Mon, 15 Jul 2019 23:21:04 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 		0
0
quant.js
secure.quantserve.com/ 		0
0
bxl.js
hbx.media.net/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=www.bleepingcomputer.com&version=&https=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
83350869751baaf2e1deaaaa691a5769eebc5dfbf27bb23347080187006dbd8a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:20 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=86400
content-length
6637
x-mnet-hl2
E
expires
Tue, 16 Jul 2019 23:21:20 GMT
beacon.js
sb.scorecardresearch.com/ 		0
0
load.js
s.ntv.io/serve/ 		0
0
176c1474-eb75-47b3-9cb0-74e2e5c21939
d.pub.network/rfm/cookie/ 		3 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/rfm/cookie/176c1474-eb75-47b3-9cb0-74e2e5c21939
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 15 Jul 2019 23:21:04 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
classification
d.pub.network/ 		3 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/classification?siteId=535&pageUrl=https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 15 Jul 2019 23:21:04 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
fbevents.js
connect.facebook.net/en_US/ 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
16120
x-xss-protection
0
pragma
public
x-fb-debug
WewmgmNHrY3CkD17kz19Mxa0qjvvIkUasj42TRE/iCBcW5qKxbdvxjylTcsIk008AygNyQ45n3to2lUsHVtZBw==
x-fb-trip-id
420120009
date
Mon, 15 Jul 2019 23:21:05 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
134240187179576
connect.facebook.net/signals/config/ 		228 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/134240187179576?v=2.8.51&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
8d9c3e3cfba892b2954a9c28ec67162355632750aa8b45d55323b04bc29ae61b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
61414
x-xss-protection
0
pragma
public
x-fb-debug
x52Snkhnu7ZvSgZqnOi73/8fSXa15JzLMM64zsOtomrHvZd6mKCzdSgugpU8dtCicgfluT9rhACwubfDyqkqTA==
x-fb-trip-id
420120009
date
Mon, 15 Jul 2019 23:21:05 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/ 		1 KB
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
bH9NuH3SQE1vSFhhMecLgjXVu/r5pIibhLWZ3PGp1IEFnjEtXHxDk1y/Jg0oa77yjJc17OOCtc6/cI9GRVuGPw==
x-fb-trip-id
420120009
date
Mon, 15 Jul 2019 23:21:05 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=134240187179576&ev=PageView&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&rl=&if=false&ts=1563232865116&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1563232865115.216655848&it=1563232865074&coo=false&rqm=GET
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 15 Jul 2019 23:21:05 GMT
/
www.facebook.com/tr/ 		44 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=134240187179576&ev=ViewContent&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&rl=&if=false&ts=1563232865118&cd[freestar]=176c1474-eb75-47b3-9cb0-74e2e5c21939&cd[client]=392&cd[site]=535&cd[page]=bc40561881399928f99c6d67fe8ef7e3&sw=1600&sh=1200&v=2.8.51&r=stable&ec=1&o=30&fbp=fb.1.1563232865115.216655848&it=1563232865074&coo=false&rqm=GET
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 15 Jul 2019 23:21:05 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 25FB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-35/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
3491
date
Mon, 15 Jul 2019 22:53:28 GMT
expires
Tue, 14 Jul 2020 22:53:28 GMT
last-modified
Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1657
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame AC13 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-35/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
3491
date
Wed, 10 Jul 2019 05:06:50 GMT
expires
Thu, 09 Jul 2020 05:06:50 GMT
last-modified
Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
497655
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
amp4ads-host-v0.js
cdn.ampproject.org/rtv/031907091704050/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031907091704050/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
523aaad0990420b3c7170362f88e36d363fe0877ca2b04599c146776afbe1624
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
362182
status
200
date
Thu, 11 Jul 2019 18:44:43 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
7368
x-xss-protection
0
server
sffe
etag
"8d5d8f6f7f3a6a4f"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 10 Jul 2020 18:44:43 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/031907091704050/ Frame 56CE 		264 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031907091704050/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
96f2e8df92df1dcdd58dcc3e3c4dbb0e5524ac4868bd43ad02d29a1727914e92
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
360560
status
200
date
Thu, 11 Jul 2019 19:11:45 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
73152
x-xss-protection
0
server
sffe
etag
"50dcf920b7095f0b"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 10 Jul 2020 19:11:45 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/031907091704050/v0/ Frame 56CE 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031907091704050/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b908504c87901a04ded57193d56c7cf7bcca91645a72613faeabe058267cfbfd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
364149
status
200
date
Thu, 11 Jul 2019 18:11:56 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
4934
x-xss-protection
0
server
sffe
etag
"f65bfcd273d8541b"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 10 Jul 2020 18:11:56 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/031907091704050/v0/ Frame 56CE 		143 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031907091704050/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8c51ec1dce36c954423c7fa27c3975ea00c947368bd654f1b28b4cafd08aafa2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
364226
status
200
date
Thu, 11 Jul 2019 18:10:39 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
39861
x-xss-protection
0
server
sffe
etag
"84f56424521871c5"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 10 Jul 2020 18:10:39 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/031907091704050/v0/ Frame 56CE 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031907091704050/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2ed68f3d110e01d15dc1b7d40aa40cca5d6b9bfc288ee3572165295d2f419327
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
364160
status
200
date
Thu, 11 Jul 2019 18:11:45 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
1454
x-xss-protection
0
server
sffe
etag
"8428cc35436b0bd6"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 10 Jul 2020 18:11:45 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/031907091704050/v0/ Frame 56CE 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031907091704050/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
31cad37bbead709a321d8ef033d2200893199ddf766bc230bb5a64e1311e9c87
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
364162
status
200
date
Thu, 11 Jul 2019 18:11:43 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
13583
x-xss-protection
0
server
sffe
etag
"1e95eb482cd2e112"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 10 Jul 2020 18:11:43 GMT
css
fonts.googleapis.com/ Frame 56CE 		4 KB
676 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
aed1d3e0e8565661020d1758525a829918ad55926910373ed5ad39c3e9b25ca3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 15 Jul 2019 23:21:05 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 15 Jul 2019 23:21:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 15 Jul 2019 23:21:05 GMT
css
fonts.googleapis.com/ Frame 56CE 		4 KB
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
aed1d3e0e8565661020d1758525a829918ad55926910373ed5ad39c3e9b25ca3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 15 Jul 2019 23:21:05 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 15 Jul 2019 23:21:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 15 Jul 2019 23:21:05 GMT
truncated
/ Frame 56CE 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98d15b7b6b3b39910d1d52cb6e6a90a47796643af160325bd72975f7f4d1cf91

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 8E30 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-35/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
3491
date
Wed, 10 Jul 2019 05:06:50 GMT
expires
Thu, 09 Jul 2020 05:06:50 GMT
last-modified
Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
497655
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
amp4ads-v0.js
cdn.ampproject.org/rtv/031907091704050/ Frame 2D32 		264 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031907091704050/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
96f2e8df92df1dcdd58dcc3e3c4dbb0e5524ac4868bd43ad02d29a1727914e92
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
360560
status
200
date
Thu, 11 Jul 2019 19:11:45 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
73152
x-xss-protection
0
server
sffe
etag
"50dcf920b7095f0b"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 10 Jul 2020 19:11:45 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/031907091704050/v0/ Frame 2D32 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031907091704050/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b908504c87901a04ded57193d56c7cf7bcca91645a72613faeabe058267cfbfd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
364149
status
200
date
Thu, 11 Jul 2019 18:11:56 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
4934
x-xss-protection
0
server
sffe
etag
"f65bfcd273d8541b"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 10 Jul 2020 18:11:56 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/031907091704050/v0/ Frame 2D32 		143 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031907091704050/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8c51ec1dce36c954423c7fa27c3975ea00c947368bd654f1b28b4cafd08aafa2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
364583
status
200
date
Thu, 11 Jul 2019 18:04:42 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
39861
x-xss-protection
0
server
sffe
etag
"84f56424521871c5"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 10 Jul 2020 18:04:42 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/031907091704050/v0/ Frame 2D32 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031907091704050/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2ed68f3d110e01d15dc1b7d40aa40cca5d6b9bfc288ee3572165295d2f419327
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
364155
status
200
date
Thu, 11 Jul 2019 18:11:50 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
1454
x-xss-protection
0
server
sffe
etag
"8428cc35436b0bd6"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 10 Jul 2020 18:11:50 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/031907091704050/v0/ Frame 2D32 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031907091704050/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
31cad37bbead709a321d8ef033d2200893199ddf766bc230bb5a64e1311e9c87
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
364303
status
200
date
Thu, 11 Jul 2019 18:09:22 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
13583
x-xss-protection
0
server
sffe
etag
"1e95eb482cd2e112"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 10 Jul 2020 18:09:22 GMT
css
fonts.googleapis.com/ Frame 2D32 		4 KB
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
aed1d3e0e8565661020d1758525a829918ad55926910373ed5ad39c3e9b25ca3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 15 Jul 2019 23:21:05 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 15 Jul 2019 23:21:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 15 Jul 2019 23:21:05 GMT
css
fonts.googleapis.com/ Frame 2D32 		4 KB
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
aed1d3e0e8565661020d1758525a829918ad55926910373ed5ad39c3e9b25ca3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 15 Jul 2019 23:21:05 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 15 Jul 2019 23:21:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 15 Jul 2019 23:21:05 GMT
truncated
/ Frame 2D32 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c20264180b947bda0d6d2337c73811088a24614e1bb1ba9b446dcbca05169f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3BFF 		0
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvu4N4bVJcE0_DtEOBUvw9WyAJL8cf0MYa2orORs5Ci_n1wZB0ciyyg0Tcup_Hef9idFXU6arF396rEgrkedLe66UuSdGNso81yQB3h8CppdHmf9xiYmhQmkrDY7Bdhb7zxotpECPj0-6jSsEkgPGYPuy9Z1DP2bBwfab1PUSc2pNV68jTaRzFxtssZea1mjFG4P5dE12vxhZpXKJRK8wVmFkET2GcQ030yLg6TA9uKptYls2quEl_zTJ0tRX2s0kqOzDxwEfULwG-WgAedirmPn36Q0Vk56PI_&sig=Cg0ArKJSzCmwng6D_ukiEAE&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.226 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Jul 2019 23:21:05 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 3BFF 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
390b39a4d21442f815f2f54c0a91af09bc1dfc428e6cee022b53a56ffc02cca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1563189332429565"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
28170
x-xss-protection
0
expires
Mon, 15 Jul 2019 23:21:05 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/031907091704050/ Frame A1EB 		264 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031907091704050/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
96f2e8df92df1dcdd58dcc3e3c4dbb0e5524ac4868bd43ad02d29a1727914e92
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
360560
status
200
date
Thu, 11 Jul 2019 19:11:45 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
73152
x-xss-protection
0
server
sffe
etag
"50dcf920b7095f0b"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 10 Jul 2020 19:11:45 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/031907091704050/v0/ Frame A1EB 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031907091704050/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b908504c87901a04ded57193d56c7cf7bcca91645a72613faeabe058267cfbfd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
364157
status
200
date
Thu, 11 Jul 2019 18:11:48 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
4934
x-xss-protection
0
server
sffe
etag
"f65bfcd273d8541b"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 10 Jul 2020 18:11:48 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/031907091704050/v0/ Frame A1EB 		143 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031907091704050/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8c51ec1dce36c954423c7fa27c3975ea00c947368bd654f1b28b4cafd08aafa2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
364226
status
200
date
Thu, 11 Jul 2019 18:10:39 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
39861
x-xss-protection
0
server
sffe
etag
"84f56424521871c5"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 10 Jul 2020 18:10:39 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/031907091704050/v0/ Frame A1EB 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031907091704050/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2ed68f3d110e01d15dc1b7d40aa40cca5d6b9bfc288ee3572165295d2f419327
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
364155
status
200
date
Thu, 11 Jul 2019 18:11:50 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
1454
x-xss-protection
0
server
sffe
etag
"8428cc35436b0bd6"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 10 Jul 2020 18:11:50 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/031907091704050/v0/ Frame A1EB 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/031907091704050/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
31cad37bbead709a321d8ef033d2200893199ddf766bc230bb5a64e1311e9c87
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
vary
Accept-Encoding
age
364303
status
200
date
Thu, 11 Jul 2019 18:09:22 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
13583
x-xss-protection
0
server
sffe
etag
"1e95eb482cd2e112"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-content-type-options
nosniff
expires
Fri, 10 Jul 2020 18:09:22 GMT
css
fonts.googleapis.com/ Frame A1EB 		4 KB
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
aed1d3e0e8565661020d1758525a829918ad55926910373ed5ad39c3e9b25ca3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 15 Jul 2019 23:21:05 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 15 Jul 2019 23:21:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 15 Jul 2019 23:21:05 GMT
css
fonts.googleapis.com/ Frame A1EB 		4 KB
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019070801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
aed1d3e0e8565661020d1758525a829918ad55926910373ed5ad39c3e9b25ca3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 15 Jul 2019 23:21:05 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 15 Jul 2019 23:21:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 15 Jul 2019 23:21:05 GMT
truncated
/ Frame A1EB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef43b15d3b4f918f27735d5a734d03e6bc7ae79bca9e3020acfc4c013ff5bcd2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/14654234364334388683/ Frame 56CE 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14654234364334388683/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4ql_2id3Kbxkd4AivlWcMmFXX9_TPA
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5fd7e00ae0fed9bb7d92e50c4c802869ee9ce934995f0f4128f61044e92626cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 27 Jun 2019 09:14:57 GMT
x-content-type-options
nosniff
last-modified
Fri, 03 May 2019 13:02:42 GMT
server
sffe
age
1605968
content-type
image/jpeg
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
18246
x-xss-protection
0
expires
Fri, 26 Jun 2020 09:14:57 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/5801289084756279573/ Frame 56CE 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5801289084756279573/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qmXTc1DFBgoBgav_artttsSnqcMlQ
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ac0a6691ca5e989e584e2c2c35d8df07d01158936249fd4d9d93bdd16b43c192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 18:59:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 02 Aug 2018 13:28:48 GMT
server
sffe
age
1657291
content-type
image/png
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
19533
x-xss-protection
0
expires
Thu, 25 Jun 2020 18:59:34 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 56CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ClZrwYAotXcqXNIPD7gPB-LvgCP2iqKtXlMCM0qQJuLeUmEMQASDa18U5YJGEn4WMGKAB4-SdtwPIAQapAq2VRHkJCbE-4AIAqAMByAMKqgSWAk_QGiuRMim4ROHKAxT06fLoAXjtxtSK9w69P2V_lIfwFC9nGSpXJsdMkxZT_z76d9RdnvrPMBA-N2mBlsaxGi1Ug54XRz3FpFoXF2C6cTOqeDwd4nlr4cIiopI48Qetj5_byKVCfNRsmUjE4QYcP_SyFpt8BY967k3LG1vDAFX8RBVT6jDcnyhSuuXAOitQHvpCo0tddumbzG_iS_NZ47f2sg_XWoRJm5yUN4tUlao91O5zJUAg5fOyvyI4oPLvaTcmPmlanUKZUrNBpU8NJjRf4t9wYNEvGGdj0pGfUcBuZrU_C9CpwkenXlpepk2nejDpb0_14jNhew9r2YFa1RXmxoEWrlUC_4n4G2HVjEqkqvCLg6nXwATTx9nblwLgBAGSBQQIBBgBkgUECAUYBKAGN4AHhZviSKgHjs4bqAfVyRuoB8HTG6gHhdQbqAeB1BuoB4LUG6gHhtQbqAeE1BuoB-DTG6gHugaoB9nLG6gHz8wbqAemvhvYBwHyBwQQhrkJ0ggJCIDhgBAQARgN8ggbYWR4LXN1YnN5bi0xNzQyMjQ5NjAzMjg5MDgzgAoD2BMM&sigh=lx0AdrISlr8&template_id=492&tpd=AGWhJmuD_BlvBtUKwOEAFIupkjulZCKj6VNBFLNKi-E6Xp_oDw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.226 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame 56CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvak6KjpHSGHbNn5NcrgSRw4eXQfLfUbwh9IFsfzawfAwOOwRseTFQaH3PLphQDTuOBrVBkrXAlblzk7cuJfyVes-NtQ
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 56CE 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 02:56:03 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
73502
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
2502
x-xss-protection
0
expires
Tue, 16 Jul 2019 02:56:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 56CE 		295 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 07:25:30 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
57335
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
295
x-xss-protection
0
expires
Tue, 16 Jul 2019 07:25:30 GMT
18225045068353784791
tpc.googlesyndication.com/daca_images/simgad/ Frame 2D32 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/18225045068353784791
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
456bcb3a1d4cc41617dd0af1c681516ec1534fb416475b9883ccab4bb27a5690
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Jun 2019 06:27:19 GMT
x-content-type-options
nosniff
age
2739226
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
46684
x-xss-protection
0
last-modified
Mon, 23 May 2016 17:52:44 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jun 2020 06:27:19 GMT
40933678460698624
tpc.googlesyndication.com/simgad/ Frame 2D32 		1 KB
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 18:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1660715
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jun 2020 18:02:30 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2D32 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDYqJYAotXduZNIPD7gPB-LvgCM_a8qhW6bmAtK8JwI23ARABINrXxTlgkYSfhYwYoAGxqdr-A8gBAakCLAFIWRe4qT7gAgCoAwHIAwqqBJMCT9AcfRtkfclzPQH01cmxPII7osCHL7ks30iDbo9oIJ5sCctbjH16i7HRNOlGDsneRaLWAFRWQf38bZeHtr15e9OM8S1x_aCGff1yvfWzswfJ5zZGpsbuXN0m0X3qEXEM_dNHxJi8Ocu5kghCfhYcyDzuEyTut0sQR6_C-35xXuBzflC5Oxy2XZZxMEA-eF6JTW_F7oy_9LtGarZAu_A1Rh0iO7URyqb9llys4zolHNPxwB67_ockwOhpf07xfd08L0TLnGzhDo_mDr6VLZeVyoGYk0Oz8qkROx4hYAlTq-waoXX34F2mQAfIGuABC7YP7f4Hnd_3gDDb9PkmCil2d4-hDWNeL9qlxY6ldtmAciD-8B_ABIiy0P__AeAEAZIFBAgEGAGSBQQIBRgEoAZRgAe31qUBqAeOzhuoB9XJG6gHwdMbqAeF1BuoB4HUG6gHgtQbqAeG1BuoB4TUG6gH4NMbqAe6BqgH2csbqAfPzBuoB6a-G9gHAfIHBBDgrgHSCAkIgOGAEBABGA3yCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgPYEwo&sigh=3p6ug69bR1c&tpd=AGWhJms7jf5X_TvvgEejSmmoOg-veVkc8zVJxx3sOrlegkVXag
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.226 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2D32 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 02:56:03 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
73502
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
2502
x-xss-protection
0
expires
Tue, 16 Jul 2019 02:56:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2D32 		295 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 07:25:30 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
57335
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
295
x-xss-protection
0
expires
Tue, 16 Jul 2019 07:25:30 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/2278417944669333881/ Frame A1EB 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2278417944669333881/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4qmaoQIkJM286i2KAvhjN6cbE9PU9w
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
82bfa4dc77695a67fcc997d6649fffa01de9c92ed288f3aebc17f5f1098f72e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 10 Jul 2019 07:59:58 GMT
x-content-type-options
nosniff
last-modified
Mon, 17 Jun 2019 18:38:45 GMT
server
sffe
age
487267
content-type
image/jpeg
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14725
x-xss-protection
0
expires
Thu, 09 Jul 2020 07:59:58 GMT
40933678460698624
tpc.googlesyndication.com/simgad/ Frame A1EB 		1 KB
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 18:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1660715
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Jun 2020 18:02:30 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A1EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CHqK5YAotXdCaNIPD7gPB-LvgCNu-nvZVsJGXqJMJnKGKuIUUEAEg2tfFOWCRhJ-FjBigAZr2mewDyAEGqQLqwiL2leOyPuACAKgDAcgDCqoEoAJP0DDAI8bUX-Mx3xR5LeksC_o-7k69pSD83_po-b6wyQwjX1LdJWLRppI0Cl1uanOWeoU2USHLRXG-hisW1Gg705tpi5ND_5WzWmUMXRO4v2igJMuDmQ6wuSnIdDpXPRNKWWGytr1IdxZYk3Qe-VMzVp0C7kcGTvtw-wSztSVaK-WcKyAAQGuh6e4TDDicSUA0hyRlop_HDQ6gTI7CnLGCtE398BCodhqkUK74GgFR7PoP9tpqwz9Gwtki0F7KncVDQ7VEiwSYfUBSZTUKECVb2YXFJXuvS9A2-_Q0sdoA8maac5J1GTlqV4icMchbFkafLsmys68ASOoFfgfAwSQ_6auOINqEyYUZ-1yAtdzbLWUG9mORAkrZZI26ON98OWnABIDmoKiSAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAfOieYTqAeOzhuoB9XJG6gHwdMbqAeF1BuoB4HUG6gHgtQbqAeG1BuoB4TUG6gH4NMbqAe6BqgH2csbqAfPzBuoB6a-G9gHAfIHBBC21gfSCAkIgOGAEBABGA3yCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgPYEww&sigh=I_DXfSo35kQ&template_id=492&tpd=AGWhJmuf4w9tK-4ABoC5L0f-m5aR6x9ynJt0xzfgwwMunxJTLg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.226 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame A1EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSj7A5FBv-I6YCLu_w_gn7rQVlZOVEOCxjW3VoSFNFVvhs4OZqLI0P5EKyumS_WAs-VRkIrfWDtPKy6ejv3c99ie3hnA
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A1EB 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 02:56:03 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
73502
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
2502
x-xss-protection
0
expires
Tue, 16 Jul 2019 02:56:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A1EB 		295 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 07:25:30 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
57335
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
295
x-xss-protection
0
expires
Tue, 16 Jul 2019 07:25:30 GMT
c
c.pub.network/ 		0
0
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ Frame 56CE 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 09 Jul 2019 05:49:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:33 GMT
server
sffe
age
581490
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Wed, 08 Jul 2020 05:49:35 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ Frame 56CE 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 09 Jul 2019 01:47:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:38 GMT
server
sffe
age
596040
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Wed, 08 Jul 2020 01:47:05 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ Frame 2D32 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 09 Jul 2019 05:49:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:33 GMT
server
sffe
age
581490
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Wed, 08 Jul 2020 05:49:35 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ Frame 2D32 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 09 Jul 2019 01:47:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:38 GMT
server
sffe
age
596040
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Wed, 08 Jul 2020 01:47:05 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ Frame A1EB 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 09 Jul 2019 05:49:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:33 GMT
server
sffe
age
581490
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Wed, 08 Jul 2020 05:49:35 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ Frame A1EB 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 09 Jul 2019 01:47:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:12:38 GMT
server
sffe
age
596040
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Wed, 08 Jul 2020 01:47:05 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2D32
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Mon, 15 Jul 2019 23:21:05 GMT
x-content-type-options
nosniff
server
safe
location
https://googleads.g.doubleclick.net/pagead/drt/si
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
246
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 56CE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Mon, 15 Jul 2019 23:21:05 GMT
x-content-type-options
nosniff
server
safe
location
https://googleads.g.doubleclick.net/pagead/drt/si
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
246
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame A1EB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Mon, 15 Jul 2019 23:21:05 GMT
x-content-type-options
nosniff
server
safe
location
https://googleads.g.doubleclick.net/pagead/drt/si
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
246
x-xss-protection
0
/
www.facebook.com/tr/ Frame 8B3B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
4849
pragma
no-cache
cache-control
no-cache
origin
https://www.bleepingcomputer.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
cookie
fr=0VoHu7cjq65Br8kyn..BdLQph...1.0.BdLQph.
Origin
https://www.bleepingcomputer.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Mon, 15 Jul 2019 23:21:05 GMT
c
c.pub.network/ 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 56CE 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuinhyA-OmIXh90_5aWtqsgnTxX0_y4U8Nu0NfulxBqiaCBMe8FZQ_Vddf8nwkU_CHzWX849nR36vwSvGS4InVMwgZEX8HWKW6VR_CEByA5evu4qICH_gNUGEdY5ZHQ7wQmZqvQ16wGedxs&sai=AMfl-YQF03ZMn2xANTdgpb4MLMiN_Ym6LWZskQHkAanu9adqCR9gOrTgBj5OhCHv6nveVZlycCweANlkrujG-Losxaii49uWumM64BSny5O8udJr1N5Wtz4fbmF0ri8&sig=Cg0ArKJSzHUWBsNqLwDVEAE&cid=CAASF-RormqoaXaxJw_hFX_azG-2LM09t5ge&id=ampim&o=1075,322&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=153&tls=1154&g=100&h=100&pt=337&tt=1154&rpt=337&rst=1563232865277&r=v&adk=771041174&avms=ampa
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jul 2019 23:21:06 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CookieAccess
api.quantcast.mgr.consensu.org/ 		30 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.quantcast.mgr.consensu.org/CookieAccess
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.202.109 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-109.fra50.r.cloudfront.net
Software
/
Resource Hash
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Origin
https://www.bleepingcomputer.com

Response headers

date
Mon, 15 Jul 2019 23:21:09 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50
x-amzn-requestid
3a23d162-a757-11e9-a4fc-055f766903fe
x-cache
Error from cloudfront
status
404
x-amz-apigw-id
c46PyH9XoAMFWig=
content-length
50
access-control-allow-origin
https://www.bleepingcomputer.com
x-amzn-trace-id
Root=1-5d2d0a65-d1798779a5318336fdc067ef;Sampled=0
vary
Origin
access-control-allow-methods
GET, POST
content-type
application/json
via
1.1 528e50fb19578ca598eb8f9e2157ef09.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
x-amz-cf-id
MwUcM8V6fl3rcVkqQMrSEQK13e2TqkJkyJxqmxVggWg-1ASMxxRJcA==
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
/
audit.quantcast.mgr.consensu.org/ 		0
0
truncated
/ 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
g
rtb.connatix.com/ 		0
0
204.jpg
i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/204.jpg?mode=stretch&connatiximg=true&scale=both&height=469&width=834
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
0ef0811ccc0bbaf5a899ba4d96fb51245423336a15be65797675e2f890cf645e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:11 GMT
via
1.1 varnish, 1.1 varnish
age
10964
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
5, 1
accept-ranges
bytes
x-timer
S1563232871.410456,VS0,VE0
access-control-allow-origin
*
content-length
15224
x-served-by
cache-sjc3150-SJC, cache-hhn4066-HHN
1.jpg
i.connatix.com/s3/connatix-uploads/cc84d580-5b24-48f0-b0c8-e9d8b1ae0c4e/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/cc84d580-5b24-48f0-b0c8-e9d8b1ae0c4e/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
97f90f580399c53a0fce5dac4ff831772546e3c9b5e65b52b06c58a050b02d80

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:11 GMT
via
1.1 varnish, 1.1 varnish
age
10965
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 1
accept-ranges
bytes
x-timer
S1563232871.410491,VS0,VE0
access-control-allow-origin
*
content-length
17759
x-served-by
cache-sjc3138-SJC, cache-hhn4066-HHN
1.jpg
i.connatix.com/s3/connatix-uploads/4f18ed2a-fd12-46b3-a1b7-bb555091f43e/ 		147 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/4f18ed2a-fd12-46b3-a1b7-bb555091f43e/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
90434bd2f64d408e4dc71b3167ceba343e1ece096f38acc558f8edaed54f3c13

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:11 GMT
via
1.1 varnish, 1.1 varnish
age
10965
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 1
accept-ranges
bytes
x-timer
S1563232871.421293,VS0,VE1
access-control-allow-origin
*
content-length
150928
x-served-by
cache-sjc3140-SJC, cache-hhn4066-HHN
1.jpg
i.connatix.com/s3/connatix-uploads/5adbb7f5-c80e-4c5e-88fd-6a2d091a952b/ 		168 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/5adbb7f5-c80e-4c5e-88fd-6a2d091a952b/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c452b7c43de0c08340d9a4915852f92900d7b8bcba97a2ae53ad33c847af97e3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:11 GMT
via
1.1 varnish, 1.1 varnish
age
10965
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
14, 1
accept-ranges
bytes
x-timer
S1563232871.421448,VS0,VE0
access-control-allow-origin
*
content-length
172358
x-served-by
cache-sjc3145-SJC, cache-hhn4066-HHN
1.jpg
i.connatix.com/s3/connatix-uploads/34bd2c68-6940-4a3f-b68e-2a4a75c2f1c6/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/34bd2c68-6940-4a3f-b68e-2a4a75c2f1c6/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e9293c1be31a8acc075471b318683b04db4b1ffe5796df86a2a8b7522439bea6

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:11 GMT
via
1.1 varnish, 1.1 varnish
age
10965
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
3, 1
accept-ranges
bytes
x-timer
S1563232871.421437,VS0,VE0
access-control-allow-origin
*
content-length
34609
x-served-by
cache-sjc3146-SJC, cache-hhn4066-HHN
1.jpg
i.connatix.com/s3/connatix-uploads/c330e4c9-40f0-4969-8c78-a3e9438d91fd/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/c330e4c9-40f0-4969-8c78-a3e9438d91fd/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
d176420a9aac2ead0abdc97fc01bce55070c03524010c0b5ad0f93478ffbaa06

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:11 GMT
via
1.1 varnish, 1.1 varnish
age
97581
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 1
accept-ranges
bytes
x-timer
S1563232871.421471,VS0,VE2
access-control-allow-origin
*
content-length
86158
x-served-by
cache-sjc3122-SJC, cache-hhn4066-HHN
bleeping-computerlogo-lg.png
www.bleepstatic.com/logos/ 		0
0
0_th_1.jpg
i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/ Frame FA27 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/0_th_1.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:11 GMT
via
1.1 varnish, 1.1 varnish
age
1730903
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 2
accept-ranges
bytes
x-timer
S1563232871.421475,VS0,VE0
access-control-allow-origin
*
content-length
23507
x-served-by
cache-sjc3141-SJC, cache-hhn4066-HHN
av
connatix-d.openx.net/v/1.0/ Frame FA27 		0
0
r
trk.connatix.com/ Frame FA27 		0
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.connatix.com/r?connatix_sess=-_TvJxN9hqiQusJFGnJNNbFMZ-pT2qfYv1kw7Jx3KiMVbQF_dicNgbVVXSCIMimMTiZBBDkvlMrkDLO_IqDYnxoTmrRBN5edQKgtaPG7rG3ob5fWcUTQ2XQdSneG9VYS_pYp8a7e0q2TMxEFq9TNQNrKfrZmUGEAWVHzv2KE0UQhLjv4H43AGbSP9gc0bPPp&videoID=639404&c_pl=KdJtIbPr2TYGLqyQQqPSuadfYjc2-Jlx-ExnlqH6ILwnTPOc2nCR59N0TrfcIdi0ssCEzRbr02Lh2Mv45WBa7TrjV4VgFzAI4CLA7sFfxe3v_JAFPJeaRxbE1lEI5gQckfurFZ-dE1MSvuMAnEuTNhmwwll1I3e5XjJIdHN5xonE-mjcz2eIkTUFS9cro_58NZ7DsKg7wYardDAssWbSrE86Iw_yMSnuhK28sFcRG-wRTI2_POZYgtXitmBKI3RT6FrTxBSdHDRWeFEQ44_yCw&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-c&c_v=1617_0_0_0_0&spp=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.228.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-45-228-133.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 15 Jul 2019 23:21:30 GMT
Server
nginx/1.12.2
Connection
keep-alive
Content-Length
0
clr
trk.connatix.com/ Frame FA27 		0
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.connatix.com/clr?c_vid=639404&id_cl=acd8276e14c595c47e591563232871361&c_pl=KdJtIbPr2TYGLqyQQqPSuadfYjc2-Jlx-ExnlqH6ILwnTPOc2nCR59N0TrfcIdi0ssCEzRbr02Lh2Mv45WBa7TrjV4VgFzAI4CLA7sFfxe3v_JAFPJeaRxbE1lEI5gQckfurFZ-dE1MSvuMAnEuTNhmwwll1I3e5XjJIdHN5xonE-mjcz2eIkTUFS9cro_58NZ7DsKg7wYardDAssWbSrE86Iw_yMSnuhK28sFcRG-wRTI2_POZYgtXitmBKI3RT6FrTxBSdHDRWeFEQ44_yCw&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-c&c_v=1617_0_0_0_0&spp=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.228.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-45-228-133.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 15 Jul 2019 23:21:30 GMT
Server
nginx/1.12.2
Connection
keep-alive
Content-Length
0
/
hb.emxdgt.com/ 		0
0
auction
tlx.3lift.com/header/ 		0
0
prebid_display
display.bfmio.com/ 		0
0
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		588 B
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
71da3b7a868feb8d670dacc973dc4acd5a08a9d311a967e49b2a9bd2f35a2858

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jul 2019 23:21:11 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
588
expires
0
v2
i.connectad.io/api/ 		234 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8428 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c09c2521cd9edbf89f9c141e9b9f01539785bcbd2a518f06cce92cf7c2da1d9

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jul 2019 23:21:11 GMT
content-encoding
gzip
content-type
application/json
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
4f6f78a74b21c2f9-FRA
alt-svc
clear
via
1.1 google
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
btlr.sharethrough.com/header-bid/ 		0
0
v1
dmx.districtm.io/b/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
arj
freestar-d.openx.net/w/1.0/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
v2
i.connectad.io/api/ 		97 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8428 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdad800002b068b782f0f201faf14991d159eae74122809625fc6f8684507c92

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Jul 2019 23:21:13 GMT
content-encoding
gzip
content-type
application/json
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
4f6f78aef9fbc2f9-FRA
alt-svc
clear
via
1.1 google
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
arj
freestar-d.openx.net/w/1.0/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
v1
dmx.districtm.io/b/ 		0
0
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		194 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
fa2877c28b8a9b08936943b7571469d99887a7c7f6877fd5bc95ace76beecf43

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jul 2019 23:21:12 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
194
expires
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
prebid_display
display.bfmio.com/ 		0
0
av
connatix-d.openx.net/v/1.0/ Frame FA27 		0
0
av
connatix-d.openx.net/v/1.0/ Frame FA27 		0
0
av
connatix-d.openx.net/v/1.0/ Frame FA27
Redirect Chain
  • https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=15e2ea190aa7ce059c...
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=15e2ea190aa7c...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=15e2ea190aa7ce059c881563232877440&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.220 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/16.146.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:17 GMT
server
OXGW/16.146.0
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=15e2ea190aa7ce059c881563232877440&vwd=834&vht=470&gdpr=1&gdpr_consent=0
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
access-control-allow-credentials
true
content-length
0

Redirect headers

date
Mon, 15 Jul 2019 23:21:17 GMT
server
OXGW/16.146.0
status
302
location
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=15e2ea190aa7ce059c881563232877440&vwd=834&vht=470&gdpr=1&gdpr_consent=0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
0
pixel
cm.g.doubleclick.net/ Frame FA27
Redirect Chain
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=15e2ea190aa7c...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.220 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/16.146.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jul 2019 23:21:17 GMT
server
OXGW/16.146.0
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p
CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
status
302
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jul 2019 23:21:17 GMT
server
OXGW/16.146.0
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p
CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FA27 		0
0
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/ 		2 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/_ate.track.config_resp
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.8.v20180619) /
Resource Hash
5fe405e64b42b49a5813c2c7b8e48ccf290310c5eb351d2b15966856d1a2f06e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 23:21:21 GMT
content-encoding
gzip
surrogate-key
ra-561517d2c7f964d6
server
Jetty(9.4.8.v20180619)
etag
-1808207170--gzip
vary
Accept-Encoding
cache-tag
ra-561517d2c7f964d6
status
200
cache-control
public, max-age=60, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-type
application/javascript;charset=utf-8
content-length
678
connectmyusers.php
cdn.connectad.io/ Frame B9B7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8428 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
date
Mon, 15 Jul 2019 23:21:18 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da5324d36d435784ce343717b12e0b8f81563232878; expires=Tue, 14-Jul-20 23:21:18 GMT; path=/; domain=.connectad.io; HttpOnly
cf-cache-status
HIT
age
7165
expires
Tue, 16 Jul 2019 07:21:18 GMT
cache-control
public, max-age=28800
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4f6f78d45887bf0f-FRA
content-encoding
gzip
Cookie set sync_iframe
sync.bfmio.com/ Frame 0F3B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifg=1&id=92fd6b68-fe21-44c5-bce8-6f519808339c&gdpr=0&gc=&gce=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.245.130 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-205-245-130.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Mon, 15 Jul 2019 23:21:18 GMT
Set-Cookie
__io_cid=b574dbfa21df4d1ce557c21943ce058721387851; Domain=.bfmio.com; Max-Age=31536000; Expires=Tue, 14-Jul-2020 19:21:19 GMT-0400; Path=/; SameSite=None; Secure
Content-Length
217
Connection
keep-alive
v2
de.tynt.com/deb/ Frame 0A23 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ddRMkSZxSr6lrlaKkv7mNO
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.190 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip190.208-100-17.static.steadfastdns.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=ddRMkSZxSr6lrlaKkv7mNO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
cache-control
max-age=86400
expires
Tue, 16 Jul 2019 23:21:19 GMT
content-type
text/html
content-length
75
date
Mon, 15 Jul 2019 23:21:18 GMT
p3p
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame BCB5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Mon, 15 Jul 2019 23:21:19 GMT
Age
29684365
Connection
keep-alive
X-Served-By
cache-jfk8141-JFK, cache-fra19121-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1389064, 6484601
X-Timer
S1563232879.312643,VS0,VE0
Vary
Accept-Encoding
v2
de.tynt.com/deb/ Frame 8521 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=dxLHU2ZxSr6lrlaKkv7mNO
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.190 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip190.208-100-17.static.steadfastdns.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=dxLHU2ZxSr6lrlaKkv7mNO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
cache-control
max-age=86400
expires
Tue, 16 Jul 2019 23:21:19 GMT
content-type
text/html
content-length
75
date
Mon, 15 Jul 2019 23:21:18 GMT
p3p
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
index.html
cdn.districtm.io/ids/ Frame EEB6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1bef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
date
Mon, 15 Jul 2019 23:21:18 GMT
content-type
text/html
set-cookie
__cfduid=d89740bb6a084f7241cb395081dc054931563232878; expires=Tue, 14-Jul-20 23:21:18 GMT; path=/; domain=.districtm.io; HttpOnly
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
cache-control
s-maxage=1209600, max-age=14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4f6f78d45acebed8-FRA
content-encoding
br
check.html
biddr.brealtime.com/ Frame 1B7E 		0
0
usync.html
eus.rubiconproject.com/ Frame 6036 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Wed, 19 Jun 2019 15:30:37 GMT
Content-Encoding
gzip
Content-Length
7571
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=69775
Expires
Tue, 16 Jul 2019 18:44:14 GMT
Date
Mon, 15 Jul 2019 23:21:19 GMT
Connection
keep-alive
Vary
Accept-Encoding
v2
de.tynt.com/deb/ Frame 2766 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=cMP4reZxWr6jPmaKlId8sQ
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.190 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip190.208-100-17.static.steadfastdns.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=cMP4reZxWr6jPmaKlId8sQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
cache-control
max-age=86400
expires
Tue, 16 Jul 2019 23:21:19 GMT
content-type
text/html
content-length
75
date
Mon, 15 Jul 2019 23:21:18 GMT
p3p
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
index.html
cdn.districtm.io/ids/ Frame 5BB0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1bef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
date
Mon, 15 Jul 2019 23:21:18 GMT
content-type
text/html
set-cookie
__cfduid=d89740bb6a084f7241cb395081dc054931563232878; expires=Tue, 14-Jul-20 23:21:18 GMT; path=/; domain=.districtm.io; HttpOnly
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
cache-control
s-maxage=1209600, max-age=14400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4f6f78d45ad0bed8-FRA
content-encoding
br
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 3E76 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Mon, 15 Jul 2019 23:21:19 GMT
Age
29684365
Connection
keep-alive
X-Served-By
cache-jfk8141-JFK, cache-fra19121-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1389064, 6484602
X-Timer
S1563232879.335568,VS0,VE0
Vary
Accept-Encoding
sync
ib.3lift.com/ Frame C5AA 		0
0
pd
u.openx.net/w/1.0/ Frame 3AF1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.143 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-143.xa.dc.openx.org
Software
OXGW/16.146.0 /
Resource Hash

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
cookie
i=ac4d465c-33dc-0008-20a0-4fae776bc281|1563232877; v=1; pd=v2|1563232877|gu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
vary
Accept
set-cookie
i=ac4d465c-33dc-0008-20a0-4fae776bc281|1563232877; Version=1; Expires=Tue, 14-Jul-2020 23:21:30 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1563232877.13|gu.mWkifciymOgi; Version=1; Expires=Tue, 30-Jul-2019 23:21:30 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.146.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 15 Jul 2019 23:21:30 GMT
content-type
text/html
content-encoding
gzip
pd
u.openx.net/w/1.0/ Frame 0787 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.143 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-143.xa.dc.openx.org
Software
OXGW/16.146.0 /
Resource Hash

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
cookie
i=ac4d465c-33dc-0008-20a0-4fae776bc281|1563232877; v=1; pd=v2|1563232877|gu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
vary
Accept
set-cookie
i=ac4d465c-33dc-0008-20a0-4fae776bc281|1563232877; Version=1; Expires=Tue, 14-Jul-2020 23:21:30 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1563232877.13|gu.mWkifciymOgi; Version=1; Expires=Tue, 30-Jul-2019 23:21:30 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.146.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 15 Jul 2019 23:21:30 GMT
content-type
text/html
content-encoding
gzip
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 7B05 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Mon, 15 Jul 2019 23:21:19 GMT
Age
29684365
Connection
keep-alive
X-Served-By
cache-jfk8141-JFK, cache-fra19121-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1389064, 6484603
X-Timer
S1563232879.361334,VS0,VE0
Vary
Accept-Encoding
v2
de.tynt.com/deb/ Frame BD51 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=bzPstcZxSr6lrlaKkv7mNO
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.190 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip190.208-100-17.static.steadfastdns.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=bzPstcZxSr6lrlaKkv7mNO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
cache-control
max-age=86400
expires
Tue, 16 Jul 2019 23:21:19 GMT
content-type
text/html
content-length
75
date
Mon, 15 Jul 2019 23:21:19 GMT
p3p
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
v2
de.tynt.com/deb/ Frame A619 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=bBb-SI6fGr6iocaKkv7mNO
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.190 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip190.208-100-17.static.steadfastdns.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=bBb-SI6fGr6iocaKkv7mNO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
cache-control
max-age=86400
expires
Tue, 16 Jul 2019 23:21:19 GMT
content-type
text/html
content-length
75
date
Mon, 15 Jul 2019 23:21:18 GMT
p3p
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 34E1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Mon, 15 Jul 2019 23:21:19 GMT
Age
29684365
Connection
keep-alive
X-Served-By
cache-jfk8141-JFK, cache-fra19121-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1389064, 6484604
X-Timer
S1563232879.383664,VS0,VE0
Vary
Accept-Encoding
Cookie set sync_iframe
sync.bfmio.com/ Frame A181 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifg=1&id=92fd6b68-fe21-44c5-bce8-6f519808339c&gdpr=0&gc=&gce=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.245.130 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-205-245-130.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/html
Date
Mon, 15 Jul 2019 23:21:18 GMT
Set-Cookie
__io_cid=75314a02dbc88e222171f42c40aa62cfc356b8b3; Domain=.bfmio.com; Max-Age=31536000; Expires=Tue, 14-Jul-2020 19:21:19 GMT-0400; Path=/; SameSite=None; Secure
Content-Length
217
Connection
keep-alive
connectmyusers.php
cdn.connectad.io/ Frame DCFF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8428 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
date
Mon, 15 Jul 2019 23:21:18 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da5324d36d435784ce343717b12e0b8f81563232878; expires=Tue, 14-Jul-20 23:21:18 GMT; path=/; domain=.connectad.io; HttpOnly
cf-cache-status
HIT
age
7165
expires
Tue, 16 Jul 2019 07:21:18 GMT
cache-control
public, max-age=28800
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4f6f78d46889bf0f-FRA
content-encoding
gzip
/
edba.brealtime.com/ 		0
0
av
connatix-d.openx.net/v/1.0/ Frame FA27 		48 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193949&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=d4871990576984030e2d1563232879455&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1617/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.220 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/16.146.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Origin
https://www.bleepingcomputer.com

Response headers

pragma
no-cache
date
Mon, 15 Jul 2019 23:21:20 GMT
content-encoding
gzip
server
OXGW/16.146.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
expires
Mon, 26 Jul 1997 05:00:00 GMT
checksync.php
hbx.media.net/ Frame 5F3D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C10000&https=1&gdpr=1&gdprconsent=2
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=www.bleepingcomputer.com&version=&https=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

:method
GET
:authority
hbx.media.net
:scheme
https
:path
/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C10000&https=1&gdpr=1&gdprconsent=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
accept-encoding
gzip, deflate, br
cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/

Response headers

status
200
server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Thu, 16 Jan 2020 23:21:20 GMT; domain=.media.net; Path=/; visitor-id=2062344805518230000V10; Expires=Tue, 14 Jul 2020 23:21:20 GMT; domain=.media.net; Path=/;
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=28800
expires
Tue, 16 Jul 2019 07:21:20 GMT
date
Mon, 15 Jul 2019 23:21:20 GMT
content-length
6513
pixel
cm.g.doubleclick.net/ Frame FA27
Redirect Chain
  • https://connatix-d.openx.net/v/1.0/av?auid=540193947&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=ef41c3a8983c9ab224...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.241.240.220 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/16.146.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jul 2019 23:21:20 GMT
server
OXGW/16.146.0
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p
CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
status
302
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jul 2019 23:21:20 GMT
server
OXGW/16.146.0
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p
CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FA27 		0
0
g
rtb.connatix.com/ 		0
0
layers.3a6529022ac1821e9e0a.js
s7.addthis.com/static/ 		0
0
av
connatix-d.openx.net/v/1.0/ Frame FA27 		0
0
av
connatix-d.openx.net/v/1.0/ Frame FA27 		0
0
av
connatix-d.openx.net/v/1.0/ Frame FA27 		0
0
av
connatix-d.openx.net/v/1.0/ Frame FA27 		0
0
av
connatix-d.openx.net/v/1.0/ Frame FA27 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.bleepstatic.com
URL
https://www.bleepstatic.com/fonts/fontawesome-webfont.woff?v=4.2.0
Domain
audit.quantcast.mgr.consensu.org
URL
https://audit.quantcast.mgr.consensu.org/?log=;1563232863008;BleepingComputer.com;https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F;;;;;p,off,false,,1,en;CMP_Display:initializationdisplay,;Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36
Domain
freestar-io.videoplayerhub.com
URL
https://freestar-io.videoplayerhub.com/gallery.js
Domain
d.pub.network
URL
https://d.pub.network/location
Domain
confiant-integrations.global.ssl.fastly.net
URL
https://confiant-integrations.global.ssl.fastly.net/dvS98IKwDukcG6gPDYBBcCk9sKY/gpt_and_prebid/config.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Domain
secure.quantserve.com
URL
https://secure.quantserve.com/quant.js
Domain
sb.scorecardresearch.com
URL
https://sb.scorecardresearch.com/beacon.js
Domain
s.ntv.io
URL
https://s.ntv.io/serve/load.js
Domain
c.pub.network
URL
https://c.pub.network/c
Domain
c.pub.network
URL
https://c.pub.network/c
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1446449061855180&correlator=2855318674457903&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fifs&adsid=NT&json_a=1&eid=21063989&vrg=2019070801&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190715&iu_parts=15184186%2Cbleepingcomputer_970x90_728x90_320x50_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&eri=1&cust_params=user-agent%3DChrome&cookie=ID%3D7baf44044ac1995a%3AT%3D1563232864%3AS%3DALNI_MbjA29yYU3ETwj5vbAFxMin2DMYCA&cookie_enabled=1&bc=31&abxe=1&lmt=1563219289&dt=1563232865993&dlt=1563232862670&idt=771&frm=20&biw=1585&bih=1200&oid=3&adxs=429&adys=1105&adks=3056404191&ucis=f&ifi=10&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&dssz=47&icsg=572295813275648&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x-1&msz=1585x-1&blev=1&bisch=1&psts=CigI7by9nRLoAf7Q9oSDBIICDfrd4Qby3uEGob7d9lDRAu5gwACnK_Sw&ga_vid=1282756283.1563232863&ga_sid=1563232863&ga_hid=1770032646&fws=0&ohw=0
Domain
audit.quantcast.mgr.consensu.org
URL
https://audit.quantcast.mgr.consensu.org/?log=;1563232869421;BleepingComputer.com;https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F;;;;;p,off,false,,1,en;Shown,;Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36
Domain
rtb.connatix.com
URL
https://rtb.connatix.com/g?c_pw=834&c_ph=469&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&c_ivt=0&connatix_sess=-_TvJxN9hqiQusJFGnJNNbFMZ-pT2qfYv1kw7Jx3KiMVbQF_dicNgbVVXSCIMimMTiZBBDkvlMrkDLO_IqDYnxoTmrRBN5edQKgtaPG7rG3ob5fWcUTQ2XQdSneG9VYS_pYp8a7e0q2TMxEFq9TNQNrKfrZmUGEAWVHzv2KE0UQhLjv4H43AGbSP9gc0bPPp&notServed=false&xplr=true&c_s=false&c_pl=KdJtIbPr2TYGLqyQQqPSuadfYjc2-Jlx-ExnlqH6ILwnTPOc2nCR59N0TrfcIdi0ssCEzRbr02Lh2Mv45WBa7TrjV4VgFzAI4CLA7sFfxe3v_JAFPJeaRxbE1lEI5gQckfurFZ-dE1MSvuMAnEuTNhmwwll1I3e5XjJIdHN5xonE-mjcz2eIkTUFS9cro_58NZ7DsKg7wYardDAssWbSrE86Iw_yMSnuhK28sFcRG-wRTI2_POZYgtXitmBKI3RT6FrTxBSdHDRWeFEQ44_yCw&gdpr=1&med_id=639404&request_guid=93d1fe87cf8c6b75d1dc1563232871388&req_no=0&v=1&c_pt=1&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-c&c_v=1617_0_0_0_0&spp=1&callback=cnxJSONP_0bef0883a8fc1871f6a71563232871388
Domain
www.bleepstatic.com
URL
https://www.bleepstatic.com/logos/bleeping-computerlogo-lg.png
Domain
connatix-d.openx.net
URL
https://connatix-d.openx.net/v/1.0/av?auid=540193964&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=99a45f0a74e5f44fb5071563232871389&vwd=834&vht=469&gdpr=1&gdpr_consent=0
Domain
hb.emxdgt.com
URL
https://hb.emxdgt.com/?t=1200&ts=1563232871529
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=1.32.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&tmax=1200
Domain
display.bfmio.com
URL
https://display.bfmio.com/prebid_display
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?t=zztu1szx&pi=2&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?t=zztu1szx&pi=2&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?t=zztu1szx&pi=2&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=54b17002-5d4f-4a0e-8997-ce0e257044cc&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5045186531421435
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=acc0102d-dad3-40d4-9778-1654aedd102b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8940061312119183
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=f3c43d7f-1998-4ceb-a85c-2a6ea46d0340&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9745780958482326
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=14657dd7-ce43-4bf9-8ef0-9eefa31cded3&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.523489786142854
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=9f84b63a-21f2-44f2-b2e1-d820f101c407&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.797860825081862
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=d4c60ad7-6fc3-4fe6-8549-c30518f21b95&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8325833824492042
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=f559990c-c233-4c88-9ed0-f17655a3dfaf&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.20503689958778537
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=748751de409f2fd&placement_key=GrVComq83JzCSLK1pi9waoyR&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=75b139377f7d945&placement_key=wDH8n844o8J5LF7qDwHQ7sj5&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=764a9340f9f765b&placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=7789514ae5f6814&placement_key=GrVComq83JzCSLK1pi9waoyR&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=785359872137d9f&placement_key=wDH8n844o8J5LF7qDwHQ7sj5&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=796797097b3f535&placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=808d52797339daa&placement_key=DSthphoQqH66AkQXPDoXn74b&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=819f7bdceb7db34&placement_key=Y2PwNBba8FyKXESSc72DFF25&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=829a388910224b7&placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=83a9d1255924e44&placement_key=DSthphoQqH66AkQXPDoXn74b&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=8497b26348b7adb&placement_key=Y2PwNBba8FyKXESSc72DFF25&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=854f4b70e25053c&placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=86190f5f83ec408&placement_key=GrVComq83JzCSLK1pi9waoyR&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=87e3ca376b1c665&placement_key=Ggh1aXSgpQAvBpkxoyAsBJPd&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=88b07d2c9570724&placement_key=DSthphoQqH66AkQXPDoXn74b&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=89a7d29fe8cb5bc&placement_key=Y2PwNBba8FyKXESSc72DFF25&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/header-bid/v1?bidId=90b9ff9f5ca04fb&placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&
Domain
dmx.districtm.io
URL
https://dmx.districtm.io/b/v1
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
freestar-d.openx.net
URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.5&dddid=54b17002-5d4f-4a0e-8997-ce0e257044cc%2Cacc0102d-dad3-40d4-9778-1654aedd102b%2Cf3c43d7f-1998-4ceb-a85c-2a6ea46d0340%2C14657dd7-ce43-4bf9-8ef0-9eefa31cded3%2C9f84b63a-21f2-44f2-b2e1-d820f101c407%2Cd4c60ad7-6fc3-4fe6-8549-c30518f21b95%2Cf559990c-c233-4c88-9ed0-f17655a3dfaf&nocache=1563232871547&x_gdpr_f=1&pubcid=097ec5c8-e19e-4abf-a775-c2d72b443b3a&aus=728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C300x250%2C300x600%7C300x250%2C300x600%7C728x90%7C300x250%2C300x600%7C728x90%2C970x90&divIds=bleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3%2Cbleepingcomputer_970x90_728x90_320x50_sticky&auid=539181725%2C539181725%2C539181725%2C539181725%2C539181725%2C539181725%2C539181725&
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=d389901a-b7ff-46e2-bf45-85cb5e0d3711&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3233136961638039
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
freestar-d.openx.net
URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.5&dddid=d389901a-b7ff-46e2-bf45-85cb5e0d3711&nocache=1563232872794&x_gdpr_f=1&pubcid=097ec5c8-e19e-4abf-a775-c2d72b443b3a&aus=728x90%2C970x90&divIds=bleepingcomputer_970x90_728x90_320x50_sticky&auid=539181725&
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
dmx.districtm.io
URL
https://dmx.districtm.io/b/v1
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
display.bfmio.com
URL
https://display.bfmio.com/prebid_display
Domain
connatix-d.openx.net
URL
https://connatix-d.openx.net/v/1.0/av?auid=540193960&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=4776081379f10e68e0281563232873407&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Domain
connatix-d.openx.net
URL
https://connatix-d.openx.net/v/1.0/av?auid=540193965&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=d32c03c482e6cf4fc1441563232875426&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Domain
biddr.brealtime.com
URL
https://biddr.brealtime.com/check.html
Domain
ib.3lift.com
URL
https://ib.3lift.com/sync?
Domain
edba.brealtime.com
URL
https://edba.brealtime.com/
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Domain
rtb.connatix.com
URL
https://rtb.connatix.com/g?c_pw=834&c_ph=470&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&c_ivt=0&connatix_sess=-_TvJxN9hqiQusJFGnJNNbFMZ-pT2qfYv1kw7Jx3KiMVbQF_dicNgbVVXSCIMimMTiZBBDkvlMrkDLO_IqDYnxoTmrRBN5edQKgtaPG7rG3ob5fWcUTQ2XQdSneG9VYS_pYp8a7e0q2TMxEFq9TNQNrKfrZmUGEAWVHzv2KE0UQhLjv4H43AGbSP9gc0bPPp&notServed=false&xplr=true&c_s=false&c_pl=KdJtIbPr2TYGLqyQQqPSuadfYjc2-Jlx-ExnlqH6ILwnTPOc2nCR59N0TrfcIdi0ssCEzRbr02Lh2Mv45WBa7TrjV4VgFzAI4CLA7sFfxe3v_JAFPJeaRxbE1lEI5gQckfurFZ-dE1MSvuMAnEuTNhmwwll1I3e5XjJIdHN5xonE-mjcz2eIkTUFS9cro_58NZ7DsKg7wYardDAssWbSrE86Iw_yMSnuhK28sFcRG-wRTI2_POZYgtXitmBKI3RT6FrTxBSdHDRWeFEQ44_yCw&gdpr=1&med_id=639404&request_guid=07a4b9d17236bce1226b1563232881428&req_no=1&v=1&c_pt=1&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-c&c_v=1617_0_0_0_0&spp=1&callback=cnxJSONP_6948bdcb4dc61c79acba1563232881428
Domain
s7.addthis.com
URL
https://s7.addthis.com/static/layers.3a6529022ac1821e9e0a.js
Domain
connatix-d.openx.net
URL
https://connatix-d.openx.net/v/1.0/av?auid=540193964&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=92f866ccc0addeea070b1563232882761&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Domain
connatix-d.openx.net
URL
https://connatix-d.openx.net/v/1.0/av?auid=540193960&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=2f6d72456ce42cc3775d1563232884774&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Domain
connatix-d.openx.net
URL
https://connatix-d.openx.net/v/1.0/av?auid=540193965&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=b832a266c3d144e7e1de1563232886788&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Domain
connatix-d.openx.net
URL
https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=f7747592f7690f2471ec1563232888803&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Domain
connatix-d.openx.net
URL
https://connatix-d.openx.net/v/1.0/av?auid=540193949&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-doppelpaymer-ransomware-emerges-from-bitpaymers-code%2F&cb=dbaad71ec730a75ee8ce1563232890817&vwd=834&vht=470&gdpr=1&gdpr_consent=0

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| freestar object| apd_options function| gtag object| dataLayer object| elem object| scpt function| __cmp object| adsbygoogle function| Blazy object| fixto function| validate_comment_box_not_empty function| cz_strip_tags function| cz_br2nl function| editForm string| loginhash boolean| main_nav_hide_flag number| scrollTop string| main_nav_hide_timer function| call_main_nav_hide number| cz_header_pos number| prevScrollTop object| jQuery1111038220492665381567 object| google_tag_manager function| loadDeferredStyles function| raf object| google_js_reporting_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad number| _gfp_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars boolean| cnx_poly object| cnxBindings function| cnxUnbind object| cnxtimeouts object| cnxintervals function| cnxSetTimeout function| cnxSetInterval function| cnxClearAll object| cnxUmm string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| cnxPageGuid number| spp object| cnxJSONP_2065e40f489b31c1cc931563232862903 function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| __cmpui function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| _ object| fsdata function| load_script object| googletag object| pbjs object| closure_memoize_cache_ boolean| google_noFetch boolean| google_DisableInitialLoad object| confiant function| pbjsChunk object| __core-js_shared__ function| JSEncrypt object| _qevents object| advBidxc object| _comscore function| Goog_AdSense_OsdAdapter function| fbq function| _fbq object| AMP_CONFIG object| log object| AMPErrors boolean| ampInaboxInitialized object| AMP_MODE function| reportError object| AMP function| cnxJSONP_0bef0883a8fc1871f6a71563232871388 function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_share object| addthis_config function| _mR function| _mD function| cnxJSONP_6948bdcb4dc61c79acba1563232881428 object| oattr function| cnxAddEventListener

0 Cookies

5 Console Messages

Source Level URL
Text
console-api warning URL: https://quantcast.mgr.consensu.org/cmp.js(Line 1)
Message:
Dependency check failed for Publisher Purpose Legitimate Interest IDs: Publisher Purpose Legitimate Interest IDs must be an array containing only purpose IDs contained in the Publisher Purpose IDs array, the following purpose IDs will be ignored: 1, 4, 5
console-api warning URL: https://static.quantcast.mgr.consensu.org/v22/cmpui-popup.js(Line 1)
Message:
Unable to get NonIab Vendor list.
console-api info URL: https://cdn.ampproject.org/rtv/031907091704050/amp4ads-v0.js(Line 542)
Message:
Powered by AMP ⚡ HTML – Version 1907091704050
console-api info URL: https://cdn.ampproject.org/rtv/031907091704050/amp4ads-v0.js(Line 542)
Message:
Powered by AMP ⚡ HTML – Version 1907091704050
console-api info URL: https://cdn.ampproject.org/rtv/031907091704050/amp4ads-v0.js(Line 542)
Message:
Powered by AMP ⚡ HTML – Version 1907091704050

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
acdn.adnxs.com
adservice.google.com
adservice.google.de
api.quantcast.mgr.consensu.org
audit.quantcast.mgr.consensu.org
biddr.brealtime.com
btlr.sharethrough.com
c.pub.network
cdn.ampproject.org
cdn.connatix.com
cdn.connectad.io
cdn.districtm.io
cdns.connatix.com
ck.connatix.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connatix-d.openx.net
connect.facebook.net
core.connatix.com
cse.google.com
d.pub.network
de.tynt.com
display.bfmio.com
dmx.districtm.io
edba.brealtime.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
g2.gumgum.com
googleads.g.doubleclick.net
hb.emxdgt.com
hbx.media.net
i.connatix.com
i.connectad.io
ib.3lift.com
ib.adnxs.com
pagead2.googlesyndication.com
privacy-api-gateway.quantcast.com
quantcast.mgr.consensu.org
rtb.connatix.com
s.ntv.io
s7.addthis.com
s9.addthis.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssc.33across.com
static.quantcast.mgr.consensu.org
sync.bfmio.com
tlx.3lift.com
tpc.googlesyndication.com
trk.connatix.com
u.openx.net
v1.addthisedge.com
web.hb.ad.cpe.dotomi.com
www.bleepingcomputer.com
www.bleepstatic.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
audit.quantcast.mgr.consensu.org
biddr.brealtime.com
btlr.sharethrough.com
c.pub.network
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connatix-d.openx.net
d.pub.network
display.bfmio.com
dmx.districtm.io
edba.brealtime.com
fastlane.rubiconproject.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
g2.gumgum.com
hb.emxdgt.com
ib.3lift.com
ib.adnxs.com
rtb.connatix.com
s.ntv.io
s7.addthis.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssc.33across.com
tlx.3lift.com
tpc.googlesyndication.com
www.bleepstatic.com
104.111.230.142
104.20.59.209
104.24.1.61
151.101.13.108
172.217.21.226
173.241.240.143
173.241.240.220
18.207.76.63
2.18.235.93
2.21.36.164
208.100.17.190
2600:9000:200d:7a00:9:46dc:4700:93a1
2600:9000:200d:bc00:9:46dc:4700:93a1
2606:4700:10::6814:8428
2606:4700:20::6819:bf72
2606:4700::6812:1bef
2a00:1450:4001:806::200e
2a00:1450:4001:809::2001
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:815::2002
2a00:1450:4001:81a::2004
2a00:1450:4001:81b::2001
2a00:1450:4001:81e::2003
2a00:1450:4001:81e::200a
2a00:1450:4001:81f::2002
2a00:1450:4001:820::2004
2a02:fa8:8806:13::1460
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::645
34.205.245.130
35.188.71.214
52.45.228.133
54.230.202.109
54.230.202.248
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0ef0811ccc0bbaf5a899ba4d96fb51245423336a15be65797675e2f890cf645e
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
0f5d6a89240be982d4543fcc3b47a049d3ed974efc2276c273eb172fe9176020
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17c748e24e88ff0243710e65194c2e80dacfb56b12963d4881800055bea3b3a2
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
1c20264180b947bda0d6d2337c73811088a24614e1bb1ba9b446dcbca05169f2
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
25f5b1f0d35e6eb1212aaab69febfd67dba36880559d231b14a1a71c3329413f
2c09c2521cd9edbf89f9c141e9b9f01539785bcbd2a518f06cce92cf7c2da1d9
2ed68f3d110e01d15dc1b7d40aa40cca5d6b9bfc288ee3572165295d2f419327
31cad37bbead709a321d8ef033d2200893199ddf766bc230bb5a64e1311e9c87
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
371e60eaea3df0bf53403a81ca0d49fad4e0c08dca679cf6a85300da15bf3208
390b39a4d21442f815f2f54c0a91af09bc1dfc428e6cee022b53a56ffc02cca9
3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382
456bcb3a1d4cc41617dd0af1c681516ec1534fb416475b9883ccab4bb27a5690
46f054a5c98b253c46ff84547ce118625668349700a0730724df4bb25bcf5f78
4a6ac1e8519aa132772c1f732514d4a2cbcd2143a90710b7656bc23024b4c85c
4bb3aaeb6bd2ba6d6c88f1497a5b86b2dba5ed0a39dcdbe82ee94dd06990e146
4d38cc8a80265589fbba64d602ec8a68c232210fe1f0f1af845b9119609367a6
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
523aaad0990420b3c7170362f88e36d363fe0877ca2b04599c146776afbe1624
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d253f9fce2986ee419f6d0c66c1156a5d7b0af556341da6f0782cc726733437
5e4fc2a9f143ce79202a0978e34d48650075032ba6be805e1219cbe2f6d25a80
5fd7e00ae0fed9bb7d92e50c4c802869ee9ce934995f0f4128f61044e92626cc
5fe405e64b42b49a5813c2c7b8e48ccf290310c5eb351d2b15966856d1a2f06e
617229202229089622770a111fef4f514877475b89056525185a70e0cbc5bc95
61cb7a1fefe87904c7b02aa16c88d4b42805526d63f9d20f2f797380713e4577
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
6fa3ce4f428af06e7f41bd1733d2964b04260f03ce0e9fd7cacb6ff6d067b1ac
6fd978e8be22f136218af942148e275058414253ea503b46b6074f315aa300a8
710bb035af3b6a17b98e7a60f289cbda442b0160707bd4e6b02f9797acda1598
71da3b7a868feb8d670dacc973dc4acd5a08a9d311a967e49b2a9bd2f35a2858
75bcaddf7e2f72e6908bf39b2b5562d2da20b192809795398baca5b26de9ceb2
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
82bfa4dc77695a67fcc997d6649fffa01de9c92ed288f3aebc17f5f1098f72e6
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21
83350869751baaf2e1deaaaa691a5769eebc5dfbf27bb23347080187006dbd8a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e
8c51ec1dce36c954423c7fa27c3975ea00c947368bd654f1b28b4cafd08aafa2
8d9c3e3cfba892b2954a9c28ec67162355632750aa8b45d55323b04bc29ae61b
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede
90434bd2f64d408e4dc71b3167ceba343e1ece096f38acc558f8edaed54f3c13
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
96f2e8df92df1dcdd58dcc3e3c4dbb0e5524ac4868bd43ad02d29a1727914e92
97f90f580399c53a0fce5dac4ff831772546e3c9b5e65b52b06c58a050b02d80
98d15b7b6b3b39910d1d52cb6e6a90a47796643af160325bd72975f7f4d1cf91
9c05cfb713974cb4ec97e0175d492fa270aa34401a1fca792f5b7a2d99389c49
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9e538123f5368d79119763568bcadb4c7e8f84b4def5f15509b6fe8cbfaed86d
a194b8a4eb3dca8999a301fcbb5f5e8608ca5cbcf0af0448fb67827ef77a3571
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
a6d4ea4e2f95dcd77bc3acb8408f8ed9c2d9453aeafef8af9387b04e6c9a8ff9
a8113058c3c1bf756f7cc21db6ccaf4942ca0fad6e56e337bab692b9e55ae232
ac0a6691ca5e989e584e2c2c35d8df07d01158936249fd4d9d93bdd16b43c192
ae3d9908190751ed5b60125bc728a480caa63e16550f72fb6b4dbb49f66bd3e4
aed1d3e0e8565661020d1758525a829918ad55926910373ed5ad39c3e9b25ca3
b201bca1ac46038b7aae11a1c7e9bb8af1c9206a05a67e7d35b56602ea9bc832
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad
b4468923fadd3156b6126370f0f9d38f737f2d2f75d9b4d519937a30de417f21
b908504c87901a04ded57193d56c7cf7bcca91645a72613faeabe058267cfbfd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e
c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae
c32bd38d17b9c3ab4a8d3d3d8b5755831d3c6cf464d83bc9d21197761d6ff9c6
c452b7c43de0c08340d9a4915852f92900d7b8bcba97a2ae53ad33c847af97e3
c927369057a524a2ba2bc24ffa545a5b49996b9e4aac8f16bbf2e5648bdd5806
c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
cdad800002b068b782f0f201faf14991d159eae74122809625fc6f8684507c92
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf5081f20d36f166d60ab798305a57e96fb36f099e89453550dd570d30d9ee31
d06600ce7303bd79f6fece227be128052e9edfeece7d47574b0746ca29df132a
d176420a9aac2ead0abdc97fc01bce55070c03524010c0b5ad0f93478ffbaa06
d6d408ceb31cfae3d3d87971b82e522a331aa2eb042a793223b7ec19e419c564
e1ed25f4abd181e54349b19a94bd563692385ef339df2540abbee5638ccb3765
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45c1792035ac701eb39dfc38c66d23c4e9a996601744d7836ac4795b554ef53
e4b566a42a389c7278cab9a7c7a0a2d49ee27df3d5be9d006137230d84cb52a7
e5cdcb6c15e64a5c414ce8c8726bb1c9b57e7dfeae98b6099dfd280ba633418c
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85
e9293c1be31a8acc075471b318683b04db4b1ffe5796df86a2a8b7522439bea6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef43b15d3b4f918f27735d5a734d03e6bc7ae79bca9e3020acfc4c013ff5bcd2
f9278e008fc4edcd157a9a7b3f5dfbd75c167f405d11296e19c313dc5d052cc2
fa2877c28b8a9b08936943b7571469d99887a7c7f6877fd5bc95ace76beecf43