www.bleepingcomputer.com
104.20.185.56 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

URL:
https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/ 10yr old
Submission: On May 15 via manual (May 15th 2025, 4:24:45 pm UTC) from US — Scanned from US

Summary HTTP 126 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 3 countries across 25 domains to perform 126 HTTP transactions. The main IP is 104.20.185.56, located in and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com. The Cisco Umbrella rank of the primary domain is 99572. 10yr old
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 20th 2025. Valid for: 1yr.

This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	104.20.185.56 104.20.185.56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.111.95 142.251.111.95	15169 (GOOGLE) (GOOGLE)
39	104.26.12.6 104.26.12.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.18.20.206 104.18.20.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.179.97 142.251.179.97	15169 (GOOGLE) (GOOGLE)
1 1	142.251.111.104 142.251.111.104	15169 (GOOGLE) (GOOGLE)
1	172.253.122.94 172.253.122.94	15169 (GOOGLE) (GOOGLE)
5	142.251.167.157 142.251.167.157	15169 (GOOGLE) (GOOGLE)
4	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.171.76.44 3.171.76.44	16509 (AMAZON-02) (AMAZON-02)
1	3.167.99.7 3.167.99.7	16509 (AMAZON-02) (AMAZON-02)
4	172.67.70.136 172.67.70.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.16.94 142.251.16.94	15169 (GOOGLE) (GOOGLE)
12	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	34.160.152.31 34.160.152.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	192.178.155.149 192.178.155.149	15169 (GOOGLE) (GOOGLE)
1	23.62.165.92 23.62.165.92	16625 (AKAMAI-AS) (AKAMAI-AS)
3	3.167.99.47 3.167.99.47	16509 (AMAZON-02) (AMAZON-02)
4	104.22.5.65 104.22.5.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.16.138 142.251.16.138	15169 (GOOGLE) (GOOGLE)
4	172.253.62.157 172.253.62.157	15169 (GOOGLE) (GOOGLE)
2	74.119.117.47 74.119.117.47	19750 (AS-CRITEO) (AS-CRITEO)
2	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
2	3.131.10.225 3.131.10.225	16509 (AMAZON-02) (AMAZON-02)
2	34.111.152.239 34.111.152.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.192.210 35.244.192.210	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.22.52.86 104.22.52.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.41.60 172.67.41.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.31.155 142.250.31.155	15169 (GOOGLE) (GOOGLE)
1	142.250.31.132 142.250.31.132	15169 (GOOGLE) (GOOGLE)
2	162.19.138.116 162.19.138.116	16276 (OVH OVH SAS) (OVH OVH SAS)
1	141.95.33.120 141.95.33.120	16276 (OVH OVH SAS) (OVH OVH SAS)
126	34

2 104.20.185.56 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bleepingcomputer.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.111.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f95.1e100.net

fonts.googleapis.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

39 104.26.12.6 (None, )

ASN13335 (CLOUDFLARENET, US)

www.bleepstatic.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 104.18.20.206 (None, )

ASN13335 (CLOUDFLARENET, US)

a.pub.network 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.179.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f97.1e100.net

www.googletagmanager.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.111.104 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bk-in-f104.1e100.net

www.google.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net

www.gstatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 142.251.167.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f157.1e100.net

pagead2.googlesyndication.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 172.64.146.152 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 3.171.76.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-171-76-44.iad89.r.cloudfront.net

ecdn.analysis.fi 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 3.167.99.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-99-7.iad55.r.cloudfront.net

ecdn.firstimpression.io 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 172.67.70.136 (United States)

ASN13335 (CLOUDFLARENET, US)

fs-loader.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.16.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net

fonts.gstatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

12 104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
cds.connatix.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
vid.connatix.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 34.160.152.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.152.160.34.bc.googleusercontent.com

d.pub.network 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
c.pub.network 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 192.178.155.149 (United States)

ASN15169 (GOOGLE, US)
PTR: yuiadrs-in-f149.1e100.net

ad.doubleclick.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 23.62.165.92 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-165-92.deploy.static.akamaitechnologies.com

widgets.outbrain.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 3.167.99.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-99-47.iad55.r.cloudfront.net

cdn.firstimpression.io 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 104.22.5.65 (None, )

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.16.138 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f138.1e100.net

www.google-analytics.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net

securepubads.g.doubleclick.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 74.119.117.47 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

googleads.g.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 3.131.10.225 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-10-225.us-east-2.compute.amazonaws.com

tag.escalated.io 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com

optimise.net 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.244.192.210 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 210.192.244.35.bc.googleusercontent.com

freestar.solutions.cdn.optable.co 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 172.67.41.60 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net

ep1.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.31.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f132.1e100.net

ep2.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 141.95.33.120 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3203256.ip-141-95-33.eu

lb.eu-1-id5-sync.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
39	bleepstatic.com www.bleepstatic.com — Cisco Umbrella Rank: 103170 9yr old	740 KB
16	connatix.com capi.connatix.com — Cisco Umbrella Rank: 958 7yr old cd.connatix.com — Cisco Umbrella Rank: 4654 7yr old cds.connatix.com — Cisco Umbrella Rank: 4223 7yr old vid.connatix.com — Cisco Umbrella Rank: 5941 7yr old	429 KB
8	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 150 10yr old securepubads.g.doubleclick.net — Cisco Umbrella Rank: 236 10yr old googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 9yr old	229 KB
8	pub.network a.pub.network — Cisco Umbrella Rank: 3994 9yr old d.pub.network — Cisco Umbrella Rank: 4483 8yr old c.pub.network — Cisco Umbrella Rank: 4131 9yr old	340 KB
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 112 10yr old	201 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 991 6yr old api.btloader.com — Cisco Umbrella Rank: 1150 6yr old	22 KB
4	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1503 4yr old	280 KB
4	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1068 9yr old	896 B
4	fs-loader.com fs-loader.com — Cisco Umbrella Rank: 124213 1yr old	115 KB
4	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 49619 9yr old cdn.firstimpression.io — Cisco Umbrella Rank: 44173 9yr old	106 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 803 7yr old id5-sync.com — Cisco Umbrella Rank: 523 9yr old	33 KB
2	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 396 2yr old ep2.adtrafficquality.google — Cisco Umbrella Rank: 413 2yr old	20 KB
2	optimise.net optimise.net — Cisco Umbrella Rank: 5020 4yr old	6 KB
2	escalated.io tag.escalated.io — Cisco Umbrella Rank: 62412 7yr old	26 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 966 13yr old	30 KB
2	gstatic.com www.gstatic.com 10yr old fonts.gstatic.com 10yr old	45 KB
2	bleepingcomputer.com 1 redirects www.bleepingcomputer.com — Cisco Umbrella Rank: 99572 10yr old	22 KB
1	eu-1-id5-sync.com lbs.eu-1-id5-sync.com Failed 4yr old lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 993 4yr old	296 B
1	optable.co freestar.solutions.cdn.optable.co — Cisco Umbrella Rank: 8828 1yr old na.edge.optable.co Failed 2yr old	10 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 13yr old
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2424 13yr old	1 KB
1	analysis.fi ecdn.analysis.fi — Cisco Umbrella Rank: 38768 7yr old	2 KB
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 13yr old	19 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48 13yr old	144 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 10yr old imasdk.googleapis.com Failed 10yr old	2 KB
126	25

	Domain	Requested by
39	www.bleepstatic.com	www.bleepingcomputer.com www.bleepstatic.com
10	cds.connatix.com	cd.connatix.com cds.connatix.com
5	pagead2.googlesyndication.com	www.bleepingcomputer.com pagead2.googlesyndication.com fs-loader.com
4	cdn.confiant-integrations.net	a.pub.network cds.connatix.com cdn.confiant-integrations.net
4	securepubads.g.doubleclick.net	a.pub.network securepubads.g.doubleclick.net
4	ad-delivery.net	www.bleepingcomputer.com
4	fs-loader.com	www.bleepingcomputer.com fs-loader.com
4	capi.connatix.com	www.bleepingcomputer.com cds.connatix.com
4	a.pub.network	www.bleepingcomputer.com a.pub.network
3	c.pub.network	a.pub.network
3	cdn.firstimpression.io	ecdn.firstimpression.io
2	id5-sync.com	cdn.id5-sync.com
2	api.btloader.com	btloader.com
2	btloader.com	a.pub.network btloader.com
2	optimise.net	a.pub.network
2	tag.escalated.io	ecdn.firstimpression.io tag.escalated.io
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	static.criteo.net	fs-loader.com www.bleepingcomputer.com
2	ad.doubleclick.net	www.bleepingcomputer.com
2	www.bleepingcomputer.com	1 redirects
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	ep2.adtrafficquality.google	pagead2.googlesyndication.com
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	vid.connatix.com	cds.connatix.com
1	cdn.id5-sync.com	freestar.solutions.cdn.optable.co
1	freestar.solutions.cdn.optable.co	a.pub.network
1	www.google-analytics.com	www.googletagmanager.com
1	widgets.outbrain.com	www.bleepingcomputer.com
1	d.pub.network	www.bleepingcomputer.com
1	cd.connatix.com	www.bleepingcomputer.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ecdn.firstimpression.io	www.bleepingcomputer.com
1	ecdn.analysis.fi	www.bleepingcomputer.com
1	www.gstatic.com	www.bleepingcomputer.com
1	www.google.com	1 redirects
1	www.googletagmanager.com	www.bleepingcomputer.com
1	fonts.googleapis.com	www.bleepingcomputer.com
0	lbs.eu-1-id5-sync.com Failed	cdn.id5-sync.com
0	imasdk.googleapis.com Failed	cds.connatix.com
0	na.edge.optable.co Failed	freestar.solutions.cdn.optable.co
126	40

This site contains no links.

Subject Issuer	Validity	Valid
bleepingcomputer.com Sectigo RSA Domain Validation Secure Server CA	`2025-04-20` - `2026-05-03`	1yr	crt.sh
upload.video.google.com WR2	`2025-04-21` - `2025-07-14`	3mo	crt.sh
bleepstatic.com WE1	`2025-05-03` - `2025-08-01`	3mo	crt.sh
pub.network WE1	`2025-05-11` - `2025-08-09`	3mo	crt.sh
*.google-analytics.com WR2	`2025-04-21` - `2025-07-14`	3mo	crt.sh
*.g.doubleclick.net WR2	`2025-04-21` - `2025-07-14`	3mo	crt.sh
capi.connatix.com WE1	`2025-05-03` - `2025-08-01`	3mo	crt.sh
*.analysis.fi R11	`2025-04-11` - `2025-07-10`	3mo	crt.sh
cdn.firstimpression.io R11	`2025-04-19` - `2025-07-18`	3mo	crt.sh
fs-loader.com WE1	`2025-05-08` - `2025-08-06`	3mo	crt.sh
*.gstatic.com WR2	`2025-04-21` - `2025-07-14`	3mo	crt.sh
connatix.com WE1	`2025-04-18` - `2025-07-17`	3mo	crt.sh
d.pub.network WR3	`2025-04-27` - `2025-07-26`	3mo	crt.sh
*.doubleclick.net WR2	`2025-04-21` - `2025-07-14`	3mo	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2024-12-09` - `2025-12-09`	1yr	crt.sh
ad-delivery.net WE1	`2025-05-06` - `2025-08-04`	3mo	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-11` - `2025-07-04`	3mo	crt.sh
*.escalated.io Amazon RSA 2048 M02	`2025-02-23` - `2026-03-25`	1yr	crt.sh
optimise.net WR3	`2025-05-02` - `2025-07-31`	3mo	crt.sh
freestar.solutions.cdn.optable.co WR3	`2025-05-05` - `2025-08-03`	3mo	crt.sh
confiant-integrations.net WE1	`2025-05-03` - `2025-08-01`	3mo	crt.sh
id5-sync.com WE1	`2025-03-26` - `2025-06-24`	3mo	crt.sh
c.pub.network WR3	`2025-04-22` - `2025-07-21`	3mo	crt.sh
btloader.com WE1	`2025-04-03` - `2025-07-02`	3mo	crt.sh
vid.connatix.com WE1	`2025-05-06` - `2025-08-04`	3mo	crt.sh
api.btloader.com WR3	`2025-03-28` - `2025-06-26`	3mo	crt.sh
adtrafficquality.google WR2	`2025-04-21` - `2025-07-14`	3mo	crt.sh
eu-1-id5-sync.com R11	`2025-05-01` - `2025-07-30`	3mo	crt.sh

This page contains 6 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Frame ID: 1A0EF9EB6C7630C1A1EEEFB066E19F41
Requests: 106 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.player.js?cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1&pid=ce4d4c45-53cb-40cc-88d1-30d789f5b276
Frame ID: 4C5934B4950306D9E1D729265CD0AEF4
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 951B8105B821611011CC2C31ECEED569
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20250513/r20190131/zrt_lookup_fy2021.html
Frame ID: 4638F6FC3168B233C7CAB47927167EFE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1746978789&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ficlicker-hack-targeted-students-with-malware-via-fake-captcha%2F&pra=7&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.15&aiapmi=0.16&aiact=0.7&aicct=0.7&ailct=0.7125789712259947&aimart=8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1747326286837&bpp=2&bdt=332&idt=384&shv=r20250513&mjsv=m202505130201&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3871181674613&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31092370%2C31092461%2C95353387%2C95360610%2C31092430%2C95344787%2C95360954&oid=2&pvsid=2567722985934362&tmod=515909046&uas=0&nvt=1&fsapi=1&fc=896&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=420
Frame ID: A2948A3A1AB7E31ED00DBF0477FE4D70
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.bleepingcomputer.com/65fd09fa-2c66-4f1d-90aa-164fd0e6582a
Frame ID: 399623361ADD07F5EC3C52DC4FC1248D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha HTTP 301
https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/ Page URL

Detected technologies

Bootstrap (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

126
Requests

92 %
HTTPS

0 %
IPv6

25
Domains

40
Subdomains

34
IPs

3
Countries

2803 kB
Transfer

8379 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha HTTP 301
https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
https://www.gstatic.com/prose/brandjs.js

126 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Redirect Chain

https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha
https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/

104 KB
21 KB

417ms
416ms

Document
text/html

104.20.185.56
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.185.56 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4461c6adc3e598761f2b18f92d604320819bdadf1451e6286f205f63787b24ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: none
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 9403fcc80b88b8b1-IAD
content-encoding: gzip
content-length: 21293
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Thu, 15 May 2025 16:24:46 GMT
etag: "e564215917603ae609359b31891b91ce-gzip"
expires: 0
last-modified: Sun, 11 May 2025 15:53:09 GMT
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 9403fcc71891b8b1-IAD
content-length: 317
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
content-type: text/html; charset=iso-8859-1
date: Thu, 15 May 2025 16:24:45 GMT
location: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 39ms
27ms Stylesheet
text/css 142.251.111.95
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f95.1e100.net

Software

ESF /

Resource Hash

1222c171f51afb03d90e701e6d1a9dbdbe31514f57c26b689f4e230ef328391f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 15 May 2025 16:24:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 15 May 2025 16:24:46 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 15 May 2025 16:24:46 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 bootstrap.min.css
www.bleepstatic.com/js/redesign/bootstrap/css/ 119 KB
20 KB 51ms
22ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bootstrap/css/bootstrap.min.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "624975547"
age: 1855
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9gXbgz46fc%2BtSjd4S5i8KnWO3zM9l1me3GWLsX1kkxi8%2FHO3CSUeCO8jMvPhZqpZ%2BiOA7Yq45NP0wot0X0i3AIAHYMXeW%2FepXEoX2B6Fwe6l6u0gE%2FIsK14H5bnM39B6ez5ZDJY%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 31 Jan 2025 08:06:25 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=5493&min_rtt=5397&rtt_var=703&sent=28&recv=10&lost=0&retrans=0&sent_bytes=26592&recv_bytes=2692&delivery_rate=781294&cwnd=254&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=34&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 13 Feb 2019 14:22:49 GMT
cache-control: max-age=3024000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccafd5c8651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19736
server: cloudflare

GET
H2 200 main.css
www.bleepstatic.com/css/redesign/ 64 KB
11 KB 51ms
23ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/main.css?v=09.22.24.2
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53889c58afca45422463198a257dfcb2ad352f6a593fad93ec666bf0eecf1fe3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 543775
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QMF26tzmLkd8f5OK2vNzeJoeRsQYI96udowG9a5AYZ79pZpQN7JGFogsbO9RDdwsm22gmtggJUxAu%2B5agr%2ByQ9LF4HaZeBNyVdGbR3lVTEf7AQoQutqR2JWAt60M1hX8n%2BFiNcc%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=5493&min_rtt=5397&rtt_var=703&sent=17&recv=10&lost=0&retrans=0&sent_bytes=14843&recv_bytes=2692&delivery_rate=781294&cwnd=254&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=34&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: text/css
last-modified: Wed, 30 Apr 2025 18:23:15 GMT
vary: Accept-Encoding
cache-control: max-age=3024000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccafd598651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11042
server: cloudflare

GET
H2 200 home.css
www.bleepstatic.com/css/redesign/ 15 KB
4 KB 48ms
20ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/home.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efe527cf424c7710e87f51d6fe0cff69843ba1a5af5e939f04eda7a8ac76e8b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 3327
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BURbEQL68%2F5Ylwp5S2h2v1Kmm8ll0Qf9PFMuL%2B8uUaQ0KnAbjlJ1xnkybs7IYCyTJWumXhprE%2B%2Be9tHWqV%2FVL%2BO%2B1b4zjV0IpMkeiNRv63qEKTcEE%2B5a1jjcXo76Hqysju%2FrniY%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=5493&min_rtt=5397&rtt_var=703&sent=6&recv=10&lost=0&retrans=0&sent_bytes=4009&recv_bytes=2692&delivery_rate=781294&cwnd=254&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=32&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: text/css
last-modified: Wed, 14 Dec 2022 03:04:07 GMT
vary: Accept-Encoding
cache-control: max-age=3024000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccafd548651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2988
server: cloudflare

GET
H2 200 news.css
www.bleepstatic.com/css/redesign/ 36 KB
7 KB 50ms
22ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/news.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b63d046811474bfb57375ef7981569d61e827852e5f95760c43de01f67639fda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 3063
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Jns1o58suuV%2FSX7%2FPM9nOuLU7%2B28XnJUj8UQQLKNWhDzvB%2Fi5RWX5Nc8NJu8hlwStyyOirusBafbfzH4hk98An3MPtjp9vuQyl5eIyBbaUNrUiGgxIrFt2IIwnMyGk5YD%2B6CKM%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=5493&min_rtt=5397&rtt_var=703&sent=11&recv=10&lost=0&retrans=0&sent_bytes=7738&recv_bytes=2692&delivery_rate=781294&cwnd=254&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=33&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: text/css
last-modified: Fri, 07 Mar 2025 22:04:28 GMT
vary: Accept-Encoding
cache-control: max-age=3024000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccafd5f8651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6493
server: cloudflare

GET
H2 200 jquery-3.5.1.min.js Show response
www.bleepstatic.com/js/redesign/ 87 KB
31 KB 53ms
25ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/jquery-3.5.1.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "1177690299"
age: 7179
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LbHU5Hut4vD7%2FttxdDxyPO%2BepiDuA6%2BGr5i3Wg8gNennaUayzPLSIglnHU88vW%2FHukOjS9cf97aikl4TuV%2BC1ybP9AX0pO%2BM%2FORXh8xdoBBRq8V9EsPpZA6TFv8t5e3UmhhHBO4%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 30 Jan 2025 06:27:03 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=5493&min_rtt=5397&rtt_var=703&sent=50&recv=10&lost=0&retrans=0&sent_bytes=51800&recv_bytes=2692&delivery_rate=781294&cwnd=254&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=36&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Mon, 04 May 2020 23:02:39 GMT
cache-control: max-age=3024000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccafd658651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30950
server: cloudflare

GET
H2 200 jquery-migrate-1.4.1.min.js Show response
www.bleepstatic.com/js/redesign/ 10 KB
4 KB 52ms
24ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/jquery-migrate-1.4.1.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "2177127834"
age: 257
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TmdOxYUBcUIdk6cGKtGdcu5jWRjukotGlw6rspYzu6QgL%2BCHBynCDfYkwCxy5v0YUXKnFAZkMGNbuh5xYVQcRV4q%2FaGCUVNQpJlEbzUj73iIN13tI3ARjq%2FdHbgm5zl5ak23O6k%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 31 Jan 2025 05:49:05 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=5493&min_rtt=5397&rtt_var=703&sent=45&recv=10&lost=0&retrans=0&sent_bytes=47215&recv_bytes=2692&delivery_rate=781294&cwnd=254&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=36&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Fri, 20 May 2016 01:26:30 GMT
cache-control: max-age=3024000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccafd638651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4014
server: cloudflare

GET
H2 200 news.js Show response
www.bleepstatic.com/js/redesign/ 247 B
668 B 45ms
38ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/news.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ded8ccc0bf2159ddbcda148611365dd27ddbca253518d5a939a6b9159263416e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "4218930423"
age: 1649
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qgUCatnM4H8LD5fpEqSLjLQy1ITZ6wtMlXMtHmwhFptLDF%2FR6RWS4%2BjEYeEF0wXs4dJICcT5YfQJBmgPBbZYclB%2FFYxuz634U3SnZAXjUkMp7Ln%2BELPl1Vp5t3gHkWoWZYeff1I%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 28 Jan 2025 05:51:43 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=5518&min_rtt=5376&rtt_var=44&sent=263&recv=120&lost=0&retrans=1&sent_bytes=336795&recv_bytes=3853&delivery_rate=30841049&cwnd=391&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=136&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Wed, 16 Dec 2015 15:41:46 GMT
cache-control: max-age=3024000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccb9f658651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 171
server: cloudflare

GET
H3 200 cls.css
a.pub.network/core/pubfig/ 2 KB
1 KB 57ms
28ms Stylesheet
text/css 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://a.pub.network/core/pubfig/cls.css

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 2
access-control-expose-headers: *
x-goog-hash: crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
cf-cache-status: HIT
etag: W/"816783146b3907e634d0e822ca759864"
age: 240
content-encoding: br
x-goog-stored-content-encoding: identity
expires: Thu, 15 May 2025 17:24:46 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 2096
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:46 GMT
content-type: text/css
last-modified: Fri, 28 Oct 2022 14:36:10 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-guploader-uploadid: AAO2VwrWBDR2gZmMgXi7XoFgnXdETx101QHfBREW5gwctejxhci6dbTVJGmfg-SQT76mMeb1
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 9403fccafcd838aa-IAD
access-control-allow-origin: *
x-goog-generation: 1666967770269941
server: cloudflare

GET
H3 200 pubfig.min.js Show response
a.pub.network/bleepingcomputer-com/ 53 KB
21 KB 40ms
33ms Script
application/javascript 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a879cdbd44c63f9f958164e08a67ef52e5e1119bd2cc171eb4c25c311c98c33d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *
x-goog-hash: crc32c=jQgxbg==, md5=xYXfG1MkOmAMc3l0cefvGA==
cf-cache-status: HIT
etag: W/"c585df1b53243a600c73797471e7ef18"
age: 1607
content-encoding: br
x-goog-stored-content-encoding: identity
expires: Thu, 15 May 2025 16:54:46 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 53864
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:46 GMT
content-type: application/javascript
last-modified: Thu, 15 May 2025 15:57:55 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-guploader-uploadid: AAO2VwoSWJXg0Ui3QDj5xAUK_l1GHYjRFPcJoQq3AvxHfehOqeW-bg-NUikVaLCng36-fBBt
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://d.pub.network/v2/sites/bleepingcomputer-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
cache-control: public, max-age=1800
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 9403fccb7d7d38aa-IAD
access-control-allow-origin: *
x-goog-generation: 1747324675247312
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 439 KB
144 KB 88ms
38ms Script
application/javascript 142.251.179.97
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GD465VRQLD

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.179.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e4b44750220d727c090989a6db1b914c5caf31d0dc9b146ad8f61f248933aa04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires: Thu, 15 May 2025 16:24:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 15 May 2025 16:24:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
content-length: 146533
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 logo.png
www.bleepstatic.com/images/site/ 1 KB
2 KB 41ms
35ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/logo.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 511187
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qdakjarCrEWzA1DMET2UM8HeltuHNXh52IvHqLOEehNingvn2tNlO3D3ToZ%2FfayzT174O9jCM9c5VacFU9TwrVgRxRnJBeirq%2FUjuNUaoC%2F2Jmuzbj8%2FwBuXAe2w8hseTr32dwM%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1882
server-timing: cfL4;desc="?proto=TCP&rtt=5518&min_rtt=5376&rtt_var=44&sent=242&recv=120&lost=0&retrans=1&sent_bytes=315683&recv_bytes=3853&delivery_rate=30841049&cwnd=391&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=134&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/webp
content-disposition: inline; filename="logo.webp"
vary: Accept
last-modified: Sat, 04 Mar 2017 04:12:00 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccb9f688651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1152
server: cloudflare

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://www.gstatic.com/prose/brandjs.js

14 KB
6 KB

28ms
5ms

Script
text/javascript

172.253.122.94
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/

Protocol

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 12513
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options: nosniff
expires: Fri, 16 May 2025 12:56:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 15 May 2025 12:56:13 GMT
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
content-length: 5807
x-xss-protection: 0
server: sffe

Redirect headers

cache-control: public, max-age=1800
location: https://www.gstatic.com/prose/brandjs.js
age: 761
x-content-type-options: nosniff
expires: Thu, 15 May 2025 16:42:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
date: Thu, 15 May 2025 16:12:05 GMT
content-type: text/html; charset=UTF-8
server: sffe

GET
H2 200 devsecops-playbook.png
www.bleepstatic.com/c/w/wiz/ 83 KB
84 KB 18ms
15ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/c/w/wiz/devsecops-playbook.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5aa8fa9c7d3da1ba562f674abf3e8d18ec240fcbcf7840ef3459a2c6125a23e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 68140
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nH4zNo6IUYQbAgEox7N3jyRRVwrB2NurM6BPrZ29V5hxMtqArUjw%2BqQB9PUGHd%2BhlVeprfijZUiOADCbE%2B8vYESjUSrdhzkPtIPiK88teADcA9oqYRzBFbjLpYw5aJgA76uZ%2Ba4%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=138731
server-timing: cfL4;desc="?proto=TCP&rtt=5716&min_rtt=5376&rtt_var=417&sent=73&recv=42&lost=0&retrans=0&sent_bytes=83630&recv_bytes=2910&delivery_rate=16715728&cwnd=275&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=54&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/webp
content-disposition: inline; filename="devsecops-playbook.webp"
vary: Accept
last-modified: Tue, 29 Apr 2025 22:07:33 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccb1dd18651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 85002
server: cloudflare

GET
H2 200 iclicker-dr.jpg
www.bleepstatic.com/content/hl-images/2025/05/10/ 117 KB
117 KB 21ms
19ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2025/05/10/iclicker-dr.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30f4e2ca519c90e28b9e1ca27a7e85321f2ce20480a5a87de53c4493cf6bc9dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 403554
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pLAfo3VwKVqw26hqpuFuRdI0whZt5%2BXvE%2FWNvqEG8R3Q65lnV0P9rKQ8vzkj%2FJTz93v5OqjdZ1%2B%2BZIQLTwL5hsKsIU3%2BgmOJ7W2kb3iW2XZHNpNwr6zEWgD1ersi0SiTu5FueY0%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: qual=85, origFmt=jpeg, origSize=385779
server-timing: cfL4;desc="?proto=TCP&rtt=5716&min_rtt=5376&rtt_var=417&sent=135&recv=42&lost=0&retrans=0&sent_bytes=169798&recv_bytes=2910&delivery_rate=16715728&cwnd=275&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=57&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/webp
content-disposition: inline; filename="iclicker-dr.webp"
vary: Accept
last-modified: Sun, 11 May 2025 00:18:51 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccb1dd38651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 119570
server: cloudflare

GET
H2 200 example-captcha-clickfix.jpg
www.bleepstatic.com/images/news/security/attacks/i/iclicker/ 23 KB
23 KB 34ms
34ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/images/news/security/attacks/i/iclicker/example-captcha-clickfix.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba9d9cdbef4e87f339fc01c9171f2047e6c8a11ad4e4f8c28171d05111ded0f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 66945
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZxxC2m%2BZdsk0LwoUohYhLV9bE1umAZ9jWJS0LYOk7qfRK%2FyvloRKST0Ks6q3zL5hq0ib8%2B%2Fbqwqos7x0vi8Iq8UOOta3B2WfZsBWRRAFEBH3eBHOzPEqYopUs9z2iQqzu%2B46ME%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: qual=85, origFmt=jpeg, origSize=74254
server-timing: cfL4;desc="?proto=TCP&rtt=5571&min_rtt=5376&rtt_var=65&sent=223&recv=112&lost=0&retrans=1&sent_bytes=291778&recv_bytes=3009&delivery_rate=30841049&cwnd=373&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=119&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/webp
content-disposition: inline; filename="example-captcha-clickfix.webp"
vary: Accept
last-modified: Sat, 10 May 2025 23:33:15 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccb6eb38651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23266
server: cloudflare

GET
H2 200 obfuscated-powershell-command.jpg
www.bleepstatic.com/images/news/security/attacks/i/iclicker/ 33 KB
34 KB 60ms
60ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/images/news/security/attacks/i/iclicker/obfuscated-powershell-command.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d1dbabed68b7b6512344bcd403c99b6b584d44bec9842e84b30f98739306d76

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 71848
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tB9%2F%2F8k7L3J1fOGxa%2BKipAsjBJ7rhlQBxODW%2FJI4Uey7sFd7p20mGbHQXqOrdtyd4d9P5XkHQOl7A6t%2F72LDBETgF9xUjCW%2BkY%2FtA1Popr%2B%2F1mBwV8gvpXP493r6tq1xOy6Vt%2F8%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: qual=85, origFmt=jpeg, origSize=118500
server-timing: cfL4;desc="?proto=TCP&rtt=5786&min_rtt=5376&rtt_var=591&sent=321&recv=135&lost=0&retrans=1&sent_bytes=405251&recv_bytes=4639&delivery_rate=30841049&cwnd=421&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=144&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/webp
content-disposition: inline; filename="obfuscated-powershell-command.webp"
vary: Accept
last-modified: Fri, 09 May 2025 22:59:26 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccb9f548651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34254
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 59ms
24ms Script
text/javascript 142.251.167.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

ac705f6949eea5f14bc9054d8b4c488e28fe0069488dd3be608d3e08962227f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 2642966586113738185
x-content-type-options: nosniff
expires: Thu, 15 May 2025 16:24:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52523
x-xss-protection: 0
server: cafe

GET
H2 200 sharp-rhino.jpg
www.bleepstatic.com/c/a/acronis/ 48 KB
49 KB 50ms
42ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/c/a/acronis/sharp-rhino.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2347c04737c6ffb595533feff266286e7697640cf040278e8ee36df8a2b58c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 717
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ErELAzI0sqOOCgb12iW%2BzVK6oqEutDWizM6wL8nwPBok6i5mnhwUjqqaVjlp6P3I%2FLvdxX482V5keA0a%2BpHP3ty80ZBv%2FhGufLLQy15Wgkh9C0m2mUfRCaMmnyA9No1CcZUX4aM%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: qual=85, origFmt=jpeg, origSize=105907
server-timing: cfL4;desc="?proto=TCP&rtt=5518&min_rtt=5376&rtt_var=44&sent=269&recv=120&lost=0&retrans=1&sent_bytes=339219&recv_bytes=3853&delivery_rate=30841049&cwnd=391&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=138&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/webp
content-disposition: inline; filename="sharp-rhino.webp"
vary: Accept
last-modified: Tue, 29 Apr 2025 20:34:31 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccb9f598651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 49438
server: cloudflare

GET
H2 200 twitter.png
www.bleepstatic.com/images/site/login/ 282 B
924 B 44ms
39ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login/twitter.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 506901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=59bnAJTlcphK6Pi4Be5EvhquVwhJazTqlGRFiGe%2FX9AF%2Bh48m6PS0Hg98dhvMSPuIAG6%2BNszWLw6qplWedRDuuxHHJ17SQn8O6mB8LjTCQYNGmDUIUVeVCTzRSNFSym3LQjTvrI%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=475
server-timing: cfL4;desc="?proto=TCP&rtt=5518&min_rtt=5376&rtt_var=44&sent=265&recv=120&lost=0&retrans=1&sent_bytes=337529&recv_bytes=3853&delivery_rate=30841049&cwnd=391&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=136&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/webp
content-disposition: inline; filename="twitter.webp"
vary: Accept
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccb9f6a8651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 282
server: cloudflare

GET
H2 200 bootstrap.js Show response
www.bleepstatic.com/js/redesign/bootstrap/js/ 74 KB
16 KB 44ms
39ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bootstrap/js/bootstrap.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbd2a35e72edc7d6bde483481a912f1c38aa57fab2747d9b071d317339ee03a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "984724076"
age: 4412
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cEtL8dd%2BQAGzvychLm9B4byxiMa2LKW34feHb2L6ioxc2%2BZapYZGRFhVqcZsnqYs1Fg7zy6gxRJ4Hf7ShJQy%2F8zrDppLYmIPt%2FGW6i5m6cPEBoCC8gAW%2FRTvv49Iki2bIQK%2BaIw%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 30 Jan 2025 08:41:32 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=5518&min_rtt=5376&rtt_var=44&sent=249&recv=120&lost=0&retrans=1&sent_bytes=320090&recv_bytes=3853&delivery_rate=30841049&cwnd=391&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=136&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Wed, 13 Feb 2019 14:22:49 GMT
cache-control: max-age=3024000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccb9f6c8651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16132
server: cloudflare

GET
H2 200 blazy.min.js Show response
www.bleepstatic.com/js/blazy/ 5 KB
2 KB 45ms
38ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 5170
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YC2WICi88Voy5kv95nfBL2LBKyR1qd0OS9kxuVoFBcGLWAQhdvR0JMZXjo3PLRL6EWgQkpxMyjB7d0l30wyS%2FJ88qYCJQ8CJdlILLapVBripZtz9mWR6J%2F52q6HysP9snG%2Ff9hA%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=5518&min_rtt=5376&rtt_var=44&sent=245&recv=120&lost=0&retrans=1&sent_bytes=317514&recv_bytes=3853&delivery_rate=30841049&cwnd=391&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=135&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: text/javascript
last-modified: Thu, 16 Aug 2018 21:06:19 GMT
vary: Accept-Encoding
cache-control: max-age=3024000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccb9f5e8651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2009
server: cloudflare

GET
H2 200 bleep.js Show response
www.bleepstatic.com/js/redesign/ 4 KB
1 KB 50ms
45ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bleep.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7945a016863643f7dcba9d9052700f792f2aa7573773c1e54e75ad796e5f0697

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 1166171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9stvgRT3CLkBs1UP6LMWEeT%2BCyvkTumj2nvil38i2NZLurrOKHgi3payQv9QYu2iLDLvtEL6eUE%2FImbcWR4dVvAX7XBC5opZ%2FlwjvRJjSrC26QFmC%2FLWrT39%2BkHRTcyaOjq2vgs%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=5518&min_rtt=5376&rtt_var=44&sent=318&recv=120&lost=0&retrans=1&sent_bytes=403868&recv_bytes=3853&delivery_rate=30841049&cwnd=391&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=139&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: text/javascript
last-modified: Tue, 22 Apr 2025 00:27:41 GMT
vary: Accept-Encoding
cache-control: max-age=3024000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccb9f6f8651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 853
server: cloudflare

GET
H2 200 jquery.fancybox.js Show response
www.bleepstatic.com/js/redesign/fancybox/ 48 KB
14 KB 50ms
45ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 538381
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GYwWUyboptQjeZ77oQS%2FP8YjQMU8Js3BWB7Kix%2FAer0%2FwKS1iNTyFH1jq%2BEKGiNEGz%2B1k7RJuKi%2F7wyFVO6hwWNNeieIM19l3SPp1SQj3k26xukxEypBEwoixz%2FAimCgFiwZxSw%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=5518&min_rtt=5376&rtt_var=44&sent=306&recv=120&lost=0&retrans=1&sent_bytes=389366&recv_bytes=3853&delivery_rate=30841049&cwnd=391&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=139&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: text/javascript
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
vary: Accept-Encoding
cache-control: max-age=3024000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccb9f728651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13919
server: cloudflare

GET
H2 200 fixto.min.js Show response
www.bleepstatic.com/js/fixto/ 8 KB
3 KB 62ms
55ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "1740214911"
age: 4398
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pypOjdJ2wsoDJyHeekYSu7mmBipOfDO0%2FIyPdZ4PgcuIYXO5DsVdRVrNCtyEd2YI5vaRRZc3GIW9K5qUYy65Xx4UHQCG0z3Dw9lcCak5CxEuORurauHyJuHU6mJV9hyVNXhaQpQ%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 02 Feb 2025 06:02:25 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=5616&min_rtt=5371&rtt_var=229&sent=356&recv=169&lost=0&retrans=1&sent_bytes=443628&recv_bytes=4639&delivery_rate=30841049&cwnd=466&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=152&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Sat, 13 Jun 2015 21:34:42 GMT
cache-control: max-age=3024000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccb9f628651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2686
server: cloudflare

GET
H3 200 si
capi.connatix.com/tr/ 0
321 B 93ms
45ms Image
application/json 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=ce4d4c45-53cb-40cc-88d1-30d789f5b276&cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 9403fccbcfd4204e-IAD
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Thu, 15 May 2025 16:24:46 GMT
content-type: application/json
server: cloudflare
priority: u=3,i
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 80ms
5ms Script
application/javascript 3.171.76.44
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.171.76.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-171-76-44.iad89.r.cloudfront.net
Software: Apache/2.4.54 (Debian) /
Resource Hash: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=3600, public
x-ioriver: Cloudfront
content-encoding: br
etag: W/"1090-631a41d587d40"
age: 759
via: 1.1 3ae11a9b839883207a82a478aa43a33a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: SkeIunBTsH0T31WfQhBCoovYyNMBr9n8v_IFCOD2dovUErfzCVGqrA==
date: Thu, 15 May 2025 16:12:07 GMT
content-type: application/javascript
last-modified: Mon, 31 Mar 2025 14:19:57 GMT
server: Apache/2.4.54 (Debian)
x-amz-cf-pop: IAD89-P4
vary: Accept-Encoding

GET
H/1.1 200
OK fi_client.js Show response
ecdn.firstimpression.io/ 366 KB
97 KB 141ms
6ms Script
application/javascript 3.167.99.7
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.167.99.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-99-7.iad55.r.cloudfront.net

Software

Apache/2.4.54 (Debian) / PHP/8.2.0

Resource Hash

60df7334834a1bcb816799f1486abdea83e23b12658dc370b41ac46c6b938ca9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Encoding: br
ETag: W/"b10986a649c0c63722322a43b5468cfe"
Age: 933
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: dRkRCbh8YR2qyVoeazzYo_MYzTd3z0FnNSriC0Ok-aUF4XKn_Eq28g==
Date: Thu, 15 May 2025 16:09:13 GMT
Content-Type: application/javascript
Last-Modified: Thu,15 May 2025 16:09:13 UTC
Vary: Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: max-age=3600
x-ioriver: Cloudfront
Connection: keep-alive
Via: 1.1 c0f94b9661f48308744a53a3a5372f4a.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
X-Amz-Cf-Pop: IAD55-P7
X-Powered-By: PHP/8.2.0
Server: Apache/2.4.54 (Debian)

GET
H2 200 www.bleepingcomputer.com.js Show response
fs-loader.com/script/ 366 KB
114 KB 89ms
40ms Script
application/javascript 172.67.70.136
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://fs-loader.com/script/www.bleepingcomputer.com.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55dcd0399bc75ef1c286cc76582692fd10d69fc9cb024ef98c8cf40331aaf5db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: X-Length, X-Crc32, X-XcxUrl
content-encoding: gzip
cf-cache-status: HIT
etag: W/"55dcd0399bc75ef1c286cc76582692fd10d69fc9cb024ef98c8cf40331aaf5db"
age: 182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gV8Vz7U9ovzxYy6KwdfaiP0d13reFjbus9iEUoJJGFS2ISOwoZLJx2iXnUESuD01g0mTAEoSJlGg9jircAJT6nZf%2F2bGueytrRZApkO7GOiYUu2YIR5JZD%2FxCPubqIY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, PATCH, OPTIONS, DELETE
x-xcxurl: https://html-load.cc/script/www.bleepingcomputer.com.js
server-timing: cfL4;desc="?proto=TCP&rtt=7158&min_rtt=7094&rtt_var=901&sent=6&recv=10&lost=0&retrans=0&sent_bytes=4030&recv_bytes=2246&delivery_rate=599337&cwnd=254&unsent_bytes=0&cid=abda438bf5428023&ts=61&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
x-length: 374362
content-type: application/javascript
vary: Origin, Accept-Encoding
access-control-allow-headers: *
x-crc32: 1252937297
cache-control: public, max-age=300, stale-while-revalidate=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9403fccbc965c5f1-IAD
access-control-allow-origin: *
server: cloudflare

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H2 200 login_bg.png
www.bleepstatic.com/images/site/ 126 B
634 B 33ms
32ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login_bg.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=09.22.24.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.bleepstatic.com/css/redesign/main.css?v=09.22.24.2

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 56030
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XM0ahtVgHev7uW4q4ig8nmYVkfopPm%2BhyMfLJvViKFaqznuKYeQe%2BXyI6el7V%2FYskKiiVmaVxlWt4rka39Gg75Rn4wJLHj0bJ14dVHqVn0GTU%2BDbAsh8NTTlWNa0prlCQLosjrg%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=187
server-timing: cfL4;desc="?proto=TCP&rtt=5518&min_rtt=5376&rtt_var=44&sent=267&recv=120&lost=0&retrans=1&sent_bytes=338519&recv_bytes=3853&delivery_rate=30841049&cwnd=391&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=136&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/webp
content-disposition: inline; filename="login_bg.webp"
vary: Accept
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccb9f748651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 126
server: cloudflare

GET
H2 200 nav_bg.png
www.bleepstatic.com/images/site/ 72 B
603 B 25ms
20ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/nav_bg.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=09.22.24.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.bleepstatic.com/css/redesign/main.css?v=09.22.24.2

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 27802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0laAfGI4XvhaI3Ciq6EZwusk5zztl3rMseV%2BHgeH4TcANIRfR8w4lt%2Bk8iZOpM3AAPSp033Z1qQKgw3uiyApeBbXpYqmz8mdqfXjMvaYCIcks%2BqlaoL61uZdZra2I%2F6amBA8p9w%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=83
server-timing: cfL4;desc="?proto=TCP&rtt=5642&min_rtt=5371&rtt_var=330&sent=348&recv=167&lost=0&retrans=1&sent_bytes=440319&recv_bytes=4639&delivery_rate=30841049&cwnd=466&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=149&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/webp
content-disposition: inline; filename="nav_bg.webp"
vary: Accept
last-modified: Sat, 04 Mar 2017 07:57:02 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccbbfb18651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 72
server: cloudflare

GET
H2 200 20x20-printer.png
www.bleepstatic.com/images/site/ 422 B
1 KB 30ms
25ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=09.22.24.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.bleepstatic.com/css/redesign/main.css?v=09.22.24.2

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 46530
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2bhkmRXqw%2BmOIhRx8V%2Fr0i61q8NQZH1As%2F106nMj%2F2eWjDZFGXgINb7576LPpCeAGiswFhNoSmgbPZft8Znp4M3viWAJPzf4wMmsETY4qR3nU5BfR0Q7v4HSfadzgt%2FtvbDYnVo%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=824
server-timing: cfL4;desc="?proto=TCP&rtt=5616&min_rtt=5371&rtt_var=229&sent=354&recv=169&lost=0&retrans=1&sent_bytes=442501&recv_bytes=4639&delivery_rate=30841049&cwnd=466&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=151&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/webp
content-disposition: inline; filename="20x20-printer.webp"
vary: Accept
last-modified: Sat, 03 Oct 2015 03:18:32 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccbbfb48651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 422
server: cloudflare

GET
H2 200 calendar.png
www.bleepstatic.com/images/site/ 86 B
617 B 33ms
29ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/calendar.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.bleepstatic.com/css/redesign/news.css

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 50178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L7VzN4OAfr2qww%2BlfgFQr1cR04waB0QjclUEPvxTvWZ1Q%2BsnPO90zsA0GD4FwmmJG2Y0lJ8eqAdl6MNr6sEaMMEfEARfi1uY0EOcBrsa3zIQQqqsYhE7ZAF1PXHOJDGcl39QkKo%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=129
server-timing: cfL4;desc="?proto=TCP&rtt=5611&min_rtt=5371&rtt_var=182&sent=366&recv=170&lost=0&retrans=1&sent_bytes=449437&recv_bytes=4639&delivery_rate=30841049&cwnd=466&unsent_bytes=156&cid=a30e1c7dcfb9469e&ts=156&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/webp
content-disposition: inline; filename="calendar.webp"
vary: Accept
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccbbfc08651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 86
server: cloudflare

GET
H2 200 clock.png
www.bleepstatic.com/images/site/ 252 B
760 B 26ms
22ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/clock.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.bleepstatic.com/css/redesign/news.css

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 17073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ygEadCuPhre%2BBS4H5R1I2HqaJXVss2%2FMAwGW0VxIUwCSUfzVuuEJWHf%2Fu0bfGJq5XuhGuWYwpMjisfgJ8NFBtvE5o9hCbgzs4VK38KAPDMl4c11bIz%2BE5gokoacvrYOJVa6j%2B3M%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1316
server-timing: cfL4;desc="?proto=TCP&rtt=5616&min_rtt=5371&rtt_var=229&sent=350&recv=169&lost=0&retrans=1&sent_bytes=440988&recv_bytes=4639&delivery_rate=30841049&cwnd=466&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=150&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/webp
content-disposition: inline; filename="clock.webp"
vary: Accept
last-modified: Fri, 29 May 2015 07:08:14 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccbbfc58651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 252
server: cloudflare

GET
H2 200 comment-light.png
www.bleepstatic.com/images/site/ 94 B
730 B 31ms
28ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/comment-light.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfac05f501d6d4d62e29fff1049569c3c2aa8732af8db3a36e8fa252f05f5861

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.bleepstatic.com/css/redesign/news.css

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 70995
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HrUwdQ3ew1b08TySnL4PN%2FSc9UqRpIjjRm3yTGJdpK3NVdWeNtQRC32rDPntSAGh6yARDv74i%2B26e3esCGMm2gVlECwFQPaCOioCNF3XnbiBWmbzRcsQfXPX4ZhfN8evBfuOyYc%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1034
server-timing: cfL4;desc="?proto=TCP&rtt=5611&min_rtt=5371&rtt_var=182&sent=364&recv=170&lost=0&retrans=1&sent_bytes=448766&recv_bytes=4639&delivery_rate=30841049&cwnd=466&unsent_bytes=31&cid=a30e1c7dcfb9469e&ts=155&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/webp
content-disposition: inline; filename="comment-light.webp"
vary: Accept
last-modified: Fri, 29 May 2015 07:08:28 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccbbfc78651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 94
server: cloudflare

GET
H2 200 32x32-printer.png
www.bleepstatic.com/images/site/ 258 B
774 B 42ms
38ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=09.22.24.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bac85e662bff5e8d94bea12a289d12303c46f0d2d0cf4ba25e8feb1ea8ac5996

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.bleepstatic.com/css/redesign/main.css?v=09.22.24.2

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 67681
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hThfdgaQMrnC5JZ0EDVqQRv%2BsxmUSWtLKRe7GIecDJLslj8JJQSo%2FCZf2ieBNa%2BUxjj1ibN0B1bbBYrJt9QK8EErWXSQZ3n1GcJAAuv8YQ0bqyhXy6bPWLJLU3EQY3jUiC2S%2FPs%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=618
server-timing: cfL4;desc="?proto=TCP&rtt=5552&min_rtt=5371&rtt_var=77&sent=367&recv=178&lost=0&retrans=1&sent_bytes=450276&recv_bytes=4639&delivery_rate=30841049&cwnd=466&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=162&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/webp
content-disposition: inline; filename="32x32-printer.webp"
vary: Accept
last-modified: Fri, 02 Oct 2015 21:57:19 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccbbfcc8651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 258
server: cloudflare

GET
H2 200 21beb902b545b086a90ec39f1df36b94.jpg
www.bleepstatic.com/author/photos/ 7 KB
8 KB 42ms
39ms Image
image/jpeg 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/author/photos/21beb902b545b086a90ec39f1df36b94.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b97594b67e1f38a7d282fabe5760651d1bdd8025867b5bce1d0d0b1016168c06

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.bleepingcomputer.com/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 6232
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DlhLEcMoIda0Mx0Ijq8FgyHkMHtKKhxp1ASHdr%2FyZVPavy2wBPoC6GyeDRmH7j1Y0EdinA8%2B0dLahEIn%2BHYdR32lE02SrmZpN8DCHV1NbjjqSLkU7trxrg2zNVJPi%2FZqIIppHzo%3D"}],"group":"cf-nel","max_age":604800}
expires: Mon, 23 Dec 2024 12:28:45 GMT
cf-polished: origSize=7617, status=webp_bigger
server-timing: cfL4;desc="?proto=TCP&rtt=5552&min_rtt=5371&rtt_var=77&sent=370&recv=178&lost=0&retrans=1&sent_bytes=451116&recv_bytes=4639&delivery_rate=30841049&cwnd=466&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=167&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/jpeg
last-modified: Mon, 26 Oct 2015 17:15:33 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccbbfce8651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7524
server: cloudflare

GET
H2 200 before-bg.png
www.bleepstatic.com/images/site/ 116 B
621 B 26ms
23ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/before-bg.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee9b2fe75e3a5637b840957e2f9aefedb394224a1846a731ad7ead76abf91d58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.bleepstatic.com/css/redesign/news.css

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 71848
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ulHVCAaq%2FEPtfvlH9g9Goqn9cISneYehOMkgVyLchcP02MPfWiwurR8TpcgK%2Bo4GSpzcsW9AssRG%2FXMEsnfZ4JTQHwT27h2QATPMKFuJgl6%2FG9A0utuNZIktIVch%2BjXLms2Qmk0%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1026
server-timing: cfL4;desc="?proto=TCP&rtt=5616&min_rtt=5371&rtt_var=229&sent=352&recv=169&lost=0&retrans=1&sent_bytes=441814&recv_bytes=4639&delivery_rate=30841049&cwnd=466&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=151&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/webp
content-disposition: inline; filename="before-bg.webp"
vary: Accept
last-modified: Fri, 29 May 2015 07:08:06 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccbbfd08651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 116
server: cloudflare

GET
H2 200 news-icon-01.png
www.bleepstatic.com/images/site/ 236 B
751 B 30ms
27ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/news-icon-01.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6edc0a66e5e7b2ce8f7c40a3d1184cccd529f719137e2265b60206adaec4e74

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.bleepstatic.com/css/redesign/news.css

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 69188
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2FR%2Ft3jiuEskPI4v5XmiA%2B4VEnIYluQmwL3m8zP49lSnEzdbqb1WypoNZPOiRLEDGvOhOacriiTeJWzf2lzoIjdySK%2Btm%2FsWP31hcYCdy%2BD089nlRfkEHU9m3oVyAf1B96L64oA%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1204
server-timing: cfL4;desc="?proto=TCP&rtt=5616&min_rtt=5371&rtt_var=229&sent=362&recv=169&lost=0&retrans=1&sent_bytes=447980&recv_bytes=4639&delivery_rate=30841049&cwnd=466&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=154&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/webp
content-disposition: inline; filename="news-icon-01.webp"
vary: Accept
last-modified: Fri, 29 May 2015 07:09:52 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccbbfd18651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 236
server: cloudflare

GET
H2 200 link-icon.png
www.bleepstatic.com/images/site/comments/ 452 B
974 B 28ms
26ms Image
image/png 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/comments/link-icon.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fad3b1bced72da2d8abd6bd616e7ca419496e800c488dd39087370ba5093e0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.bleepstatic.com/css/redesign/news.css

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 1245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EMv7gN6iF4A9lRcfkP3u4pfb0WpDGxAYlbV9HIiHZYujkk4RUNiY%2FjxQ%2FTN6zDV4WRZcVRdvhRbupwcf%2B90ZJxDqCDRXk%2BKv7yJ5Do7EmAm25bVgfNvSV3Xp3n3hPExnECvpQ48%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 19 Jan 2025 06:00:01 GMT
cf-polished: origSize=787, status=webp_bigger
server-timing: cfL4;desc="?proto=TCP&rtt=5616&min_rtt=5371&rtt_var=229&sent=360&recv=169&lost=0&retrans=1&sent_bytes=446940&recv_bytes=4639&delivery_rate=30841049&cwnd=466&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=152&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/png
last-modified: Fri, 25 Sep 2015 17:29:04 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccbbfd28651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 452
server: cloudflare

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v47/ 39 KB
39 KB 18ms
6ms Font
font/woff2 142.251.16.94
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.16.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f94.1e100.net

Software

sffe /

Resource Hash

20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.bleepingcomputer.com
Referer: https://fonts.googleapis.com/

Response headers

age: 21818
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 15 May 2026 10:21:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 15 May 2025 10:21:08 GMT
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40128
x-xss-protection: 0
server: sffe

GET
H3 200 connatix.player.js Show response
cd.connatix.com/ Frame 4C59 2 KB
1 KB 66ms
24ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cd.connatix.com/connatix.player.js?cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1&pid=ce4d4c45-53cb-40cc-88d1-30d789f5b276
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d11730632423a78c31ba1142441c96f7584af4efbeeaa46284b57cf89fee7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-encoding: br
cf-ray: 9403fccc5fd81ffe-IAD
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:46 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model

GET
H2 200 configs
d.pub.network/v2/sites/bleepingcomputer-com/ 96 KB
11 KB 51ms
26ms Other
application/json 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://d.pub.network/v2/sites/bleepingcomputer-com/configs?env=PROD

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.152.160.34.bc.googleusercontent.com

Software

Resource Hash

ef815817fec6e1cddbfc703cb4a73e6af6d7ed1a8ee24b8460485948efcb3f7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.bleepingcomputer.com
Referer

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.bleepingcomputer.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 15 May 2025 16:24:46 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent

GET
H2 200 h4-bg.png
www.bleepstatic.com/images/site/ 38 B
647 B 23ms
23ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/h4-bg.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=09.22.24.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://www.bleepstatic.com/css/redesign/main.css?v=09.22.24.2

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 63245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2RxSJiCYuIa%2BbebIlARzbcOWFa2DxATgwNT6AGRkzM3zwgYVenhsylbbSt5FlIGiDYa%2B03epOXqa5X17dMpluQhnXyQwbp%2BfPTQIrVedc4iIJ%2BekUisTi2n5stvORO4opp43uwI%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=72
server-timing: cfL4;desc="?proto=TCP&rtt=11505&min_rtt=5371&rtt_var=11793&sent=378&recv=185&lost=0&retrans=1&sent_bytes=459331&recv_bytes=4706&delivery_rate=30841049&cwnd=466&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=234&x=0"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/webp
content-disposition: inline; filename="h4-bg.webp"
vary: Accept
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccc39988651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38
server: cloudflare

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505130201/ 445 KB
149 KB 4ms
3ms Script
text/javascript 142.251.167.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505130201/show_ads_impl_fy2021.js?bust=31092430

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

ee76589e38c86be29d55879316a40510e796d3e900e3a0c3fb007f49edfd5b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 12988546048671316883
age: 20274
x-content-type-options: nosniff
expires: Thu, 29 May 2025 10:46:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 15 May 2025 10:46:52 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 152900
x-xss-protection: 0
server: cafe

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 15ms
3ms Image
image/x-icon 192.178.155.149
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.178.155.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yuiadrs-in-f149.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 16361
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Fri, 16 May 2025 11:52:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 15 May 2025 11:52:05 GMT
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 104
x-xss-protection: 0
server: sffe

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 23ms
4ms Image
image/svg+xml 23.62.165.92
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.165.92 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-165-92.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=2592000
timing-allow-origin: *, *
etag: "5ab8e16b5f46213840bcd403e349419c:1708851030.144644"
access-control-request-headers: X-OB-STG,X-OB-PRD
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
expires: Sat, 14 Jun 2025 16:24:46 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 990
date: Thu, 15 May 2025 16:24:46 GMT
content-type: image/svg+xml
last-modified: Sun, 25 Feb 2024 08:33:18 GMT
server: AkamaiNetStorage

GET
H2 200 jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 5 KB
2 KB 19ms
17ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "9108074"
age: 5245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jsSgwXb6LHhaKVlOEN8Sj%2BVMJKdea3HGNtBriwgvOdoXo8qKxHJ1hf0uepuBHeOqkivOxg7bWcWyN9Ph%2BWy9YcFW3UgdWf8SnVLV2Qzlj2P08JD4NhLR6JV8qRVFRKo3cfRJpoQ%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 02 Feb 2025 06:14:45 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=9561&min_rtt=5371&rtt_var=7901&sent=381&recv=189&lost=0&retrans=1&sent_bytes=460044&recv_bytes=4786&delivery_rate=30841049&cwnd=466&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=479&x=0"
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
cache-control: max-age=3024000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccdceaa8651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1423
server: cloudflare

GET
H2 200 fontawesome.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 79 KB
17 KB 30ms
29ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/redesign/fontawesome6/css/fontawesome.min.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863ab50a39fc203ca8f614cef14c6cc700ee64bfeacd41426dce9ef8cbd98509

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "2038534161"
age: 2841
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MUQ%2F2CHd%2BK4wYwht8PwGA6Q7naGwa3wPr%2BhGLzG2fz4ZKLCw1oywQqfB0aztNypEMTRc4b5Q%2F%2B9xIMocFuNojDv3PjShdzzIsPxx%2FGm36JA7dyupTXhMMnbxvjTtfO6H7h2yToU%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 02 Feb 2025 09:07:17 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=8598&min_rtt=5371&rtt_var=6110&sent=385&recv=191&lost=0&retrans=1&sent_bytes=462073&recv_bytes=5025&delivery_rate=30841049&cwnd=466&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=492&x=0"
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 22:35:03 GMT
cache-control: max-age=3024000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccddeee8651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17356
server: cloudflare

GET
H2 200 brands.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 18 KB
5 KB 32ms
31ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7e925f6192a3f7907621f9dde8afc47752d671d4a796f2cd5a53cfbc07c214b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "2013745295"
age: 3091
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TPmiy8agt%2FIufsQV8uJQAXt8ASSV4BmOTHwNRaWpFD5EEUQGjTF2o8e6dTpXgqr7GEcbQg3FU8YfvP1Us%2FQVsvf50Yvc22cVq4aDddDdUhc6hxPHpox0ndNgsd1wg8s%2Ff4Pz8y8%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 25 Jan 2025 11:40:38 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=8598&min_rtt=5371&rtt_var=6110&sent=399&recv=191&lost=0&retrans=1&sent_bytes=480039&recv_bytes=5025&delivery_rate=30841049&cwnd=466&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=494&x=0"
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 22:34:45 GMT
cache-control: max-age=3024000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccddef08651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4725
server: cloudflare

GET
H2 200 solid.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 572 B
835 B 46ms
46ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a5d218c8e40dc33b9a0c27b49c2a5d0c9696ea53ee6371882d348a31116ae9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "508050520"
age: 4398
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZUyvvBGy2czqTD5VVpQNMMD7dzkzMCB7oIIaInB3lpNDkV8BS%2Bw4WyrwaqfXWYhu1cBrJknqWRwmeMwXVE8C%2BtbkyQQS57aZ1SbOaUPrGh9vv5sL3VT6%2FjQWF3ELvsPFcAw96HE%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 02 Feb 2025 06:02:25 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=7667&min_rtt=5371&rtt_var=4019&sent=405&recv=197&lost=0&retrans=1&sent_bytes=485325&recv_bytes=5120&delivery_rate=30841049&cwnd=466&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=498&x=0"
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 14 Nov 2022 22:34:55 GMT
cache-control: max-age=3024000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccddef28651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 325
server: cloudflare

GET
H2 200 292x176_steam-header-new.jpg
www.bleepstatic.com/content/hl-images/2022/09/12/thumb/ 12 KB
12 KB 19ms
19ms Image
image/jpeg 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2022/09/12/thumb/292x176_steam-header-new.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f6189b44d3c306350076efee741fa078c369ac7718e35de07dc5c9ebac20259

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 87536
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1H18hhGcPqur6%2BUcAC53FEb3plmbp%2Fv7Y0Flakxm5uOimo91SXy96glNHiaq22XtKiwxFBVZiANQSAX%2FQdn6MN%2F2rrSPjwaN2jwpn%2ByIME3GzpwNlUxReNzlgXm8fdnLKNGu2sk%3D"}],"group":"cf-nel","max_age":604800}
cf-polished: degrade=85, origSize=51949, status=webp_bigger
server-timing: cfL4;desc="?proto=TCP&rtt=7183&min_rtt=5371&rtt_var=2462&sent=408&recv=202&lost=0&retrans=1&sent_bytes=486226&recv_bytes=5120&delivery_rate=30841049&cwnd=466&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=509&x=0"
date: Thu, 15 May 2025 16:24:47 GMT
content-type: image/jpeg
last-modified: Mon, 12 Sep 2022 19:54:55 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9403fccdef408651-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12107
server: cloudflare

GET
H/1.1 200
OK spc_fi.php Show response
cdn.firstimpression.io/delivery/ 39 KB
8 KB 175ms
128ms XHR
application/json 3.167.99.47
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=5971&url=%2Fnews%2Fsecurity%2Ficlicker-hack-targeted-students-with-malware-via-fake-captcha%2F&charset=UTF-8&ch=6&ref=www.bleepingcomputer.com&viewerId=null&referer=&_firid=48480825
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.99.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-99-47.iad55.r.cloudfront.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 49c11d91b14834ea991c1b475e3a3d845c190189db1f99bf186b6cafec9d8ca9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer

Response headers

Content-Encoding: gzip
Expires: 0
X-Cache: Miss from cloudfront
P3P: CP="CUR ADM OUR NOR STA NID"
X-Amz-Cf-Id: jpXiLstBwpYRI62Rm8XWkqZTExtesAnFjfOiSoGRvefCE-56_vqk-A==
Date: Thu, 15 May 2025 16:24:47 GMT
Content-Type: application/json; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: no-cache, no-store, must-revalidate
x-ioriver: Cloudfront
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Via: 1.1 71b24e89f6f9e648d6cc206b3f6cc3da.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Content-Length: 7818
X-Amz-Cf-Pop: IAD55-P7
Server: Apache/2.4.38 (Debian)

GET
H3 200 elLoader.js Show response
cds.connatix.com/p/583177/ Frame 4C59 4 KB
2 KB 28ms
21ms Script
text/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cds.connatix.com/p/583177/elLoader.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1&pid=ce4d4c45-53cb-40cc-88d1-30d789f5b276
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 682dc9a9f4e97293302968e7f4956b4096978d2d2a9257a49df8d0ddc3c5e396

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "e485ffcd43e5f83a1343485b094125ec"
x-amz-version-id: bOZ9JmMSFbtd555M6rNwpNYukzeqA4sy
access-control-allow-methods: *
expires: Fri, 15 May 2026 16:24:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/javascript
last-modified: Thu, 15 May 2025 10:47:29 GMT
x-amz-expiration: expiry-date="Tue, 02 Dec 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
priority: u=3,i=?0
access-control-allow-headers: range
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 9403fcce59e41ffe-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1227
server: cloudflare

GET
H2 200 px.gif
ad-delivery.net/ 43 B
572 B 76ms
54ms Image
image/gif 104.22.5.65
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 1701913
x-goog-stored-content-encoding: identity
expires: Fri, 16 May 2025 16:24:47 GMT
x-goog-stored-content-length: 43
date: Thu, 15 May 2025 16:24:47 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AKDAyIt4YLWYzAwTiIKx18Gc4lB13ND5qfUcspzuPNRZNLolU68AjZyt82j--yAeMCjv_2aG_1UnxIc
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
cf-ray: 9403fcce89d8c99f-IAD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H2 200 px.gif
ad-delivery.net/ 43 B
111 B 76ms
54ms Image
image/gif 104.22.5.65
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 1701913
x-goog-stored-content-encoding: identity
expires: Fri, 16 May 2025 16:24:47 GMT
x-goog-stored-content-length: 43
date: Thu, 15 May 2025 16:24:47 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AKDAyIt4YLWYzAwTiIKx18Gc4lB13ND5qfUcspzuPNRZNLolU68AjZyt82j--yAeMCjv_2aG_1UnxIc
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
cf-ray: 9403fcce89d5c99f-IAD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H2 200 fa-solid-900.woff2
www.bleepstatic.com/redesign/fontawesome6/webfonts/ 147 KB
148 KB 54ms
30ms Font
application/octet-stream 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/redesign/fontawesome6/webfonts/fa-solid-900.woff2
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.bleepingcomputer.com
Referer: https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 5927
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jO15No2%2FFRxoBoDX5Hs%2BIhSij5SZsa6nouCG4fAFKy1CnyN0RdYKFV2FKpkLFL%2FMptTHDwQiByhWsKsFbw4%2Bb%2BxHVUJU88mek46JUqDTrnJ0VtBYeC9%2FfcIefeDs%2B9ftddn0jg8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 9403fccebc9c825d-IAD
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=7031&min_rtt=7021&rtt_var=1126&sent=5&recv=9&lost=0&retrans=0&sent_bytes=3987&recv_bytes=2406&delivery_rate=616257&cwnd=253&unsent_bytes=0&cid=ac8edeb33b8927f5&ts=35&x=0"
content-length: 150472
date: Thu, 15 May 2025 16:24:47 GMT
content-type: application/octet-stream
last-modified: Mon, 14 Nov 2022 22:33:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 fa-brands-400.woff2
www.bleepstatic.com/redesign/fontawesome6/webfonts/ 105 KB
106 KB 61ms
38ms Font
application/octet-stream 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/redesign/fontawesome6/webfonts/fa-brands-400.woff2
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://www.bleepingcomputer.com
Referer: https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 3293
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BcLCQZ9PQFetCr%2FgAWSvsp6y67HgafiwwDpCmWHL24PD9acWd1xk2maT86krRaOWr%2B%2B2bLOWsZH9yT6EUhz54g3ARaG8WZnz6IdIslQdrW0dWlhDcwz7IqleCll5JMDxgDiRMZk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 9403fccebc9d825d-IAD
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=7031&min_rtt=7021&rtt_var=1126&sent=61&recv=9&lost=0&retrans=0&sent_bytes=79763&recv_bytes=2406&delivery_rate=616257&cwnd=253&unsent_bytes=37648&cid=ac8edeb33b8927f5&ts=39&x=0"
content-length: 107460
date: Thu, 15 May 2025 16:24:47 GMT
content-type: application/octet-stream
last-modified: Mon, 14 Nov 2022 22:32:23 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 339ms
85ms Fetch
text/plain 142.251.16.138
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GD465VRQLD&gtm=45je55d1v878037826za200&_p=1747326286627&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509156~103116025~103130495~103130497~103200001~103233424~103252644~103252646~103301114~103301116&cid=545817626.1747326287&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1747326287&sct=1&seg=0&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ficlicker-hack-targeted-students-with-malware-via-fake-captcha%2F&dt=iClicker%20site%20hack%20targeted%20students%20with%20malware%20via%20fake%20CAPTCHA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1392
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GD465VRQLD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.16.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f138.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0
report-to: {"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.bleepingcomputer.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:97:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 prebid.js Show response
a.pub.network/bleepingcomputer-com/ 540 KB
182 KB 60ms
57ms Script
application/javascript 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://a.pub.network/bleepingcomputer-com/prebid.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7e6cd975a12571d6c31e90025ae248e62e951fd4482e51fcd5330329c873a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *
x-goog-hash: crc32c=U9ztwg==, md5=dBx2TB03Q16c2myNcGleXQ==
cf-cache-status: HIT
etag: W/"741c764c1d37435e9cda6c8d70695e5d"
age: 1607
content-encoding: br
x-goog-stored-content-encoding: identity
expires: Thu, 15 May 2025 16:54:47 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 553242
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:47 GMT
content-type: application/javascript
last-modified: Thu, 15 May 2025 15:57:56 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-guploader-uploadid: AAO2Vwq6pj1JM8a_cVubYW67_qtqOQ72cvtnZkOia0tbhVUxRWh3EbHDLGDY7KtwX0EyvksnrcWBtuw
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=1800
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 9403fccef90d38aa-IAD
access-control-allow-origin: *
x-goog-generation: 1747324676004341
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 106 KB
33 KB 37ms
21ms Script
text/javascript 172.253.62.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

46df571cd4f45ab1dc6700a97785973edd29964bf3572c79d0f9756dedf06f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 908 / 20223 / 31092445 / config-hash: 12423169888300821082
x-content-type-options: nosniff
expires: Thu, 15 May 2025 16:24:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33609
x-xss-protection: 0
server: cafe

GET
H3 200 pubfig.engine.js Show response
a.pub.network/bleepingcomputer-com/ 413 KB
125 KB 43ms
41ms Script
application/javascript 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://a.pub.network/bleepingcomputer-com/pubfig.engine.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b0b06a747142a45b45bf5b3dd9ecaf881bcfa83cd922e41c7570f76a53a3f28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *
x-goog-hash: crc32c=4FDK/Q==, md5=Kvs8y94bpSqywxiZkkH2SQ==
cf-cache-status: HIT
etag: W/"2afb3ccbde1ba52ab2c318999241f649"
age: 1608
content-encoding: br
x-goog-stored-content-encoding: identity
expires: Thu, 15 May 2025 16:54:47 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 422824
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:47 GMT
content-type: application/javascript
last-modified: Thu, 15 May 2025 15:57:55 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-guploader-uploadid: AAO2Vwp8APtsQxYIxZmpRQxNOGCU2kqzVR9c5tAjugag5mDDOAimE5sc_gkHYnL3nbNjq-lJDv3JC-c
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=1800
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 9403fccef90e38aa-IAD
access-control-allow-origin: *
x-goog-generation: 1747324675062699
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
0 0ms
0ms Fetch
text/javascript 142.251.167.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fs-loader.com
URL: https://fs-loader.com/script/www.bleepingcomputer.com.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

ac705f6949eea5f14bc9054d8b4c488e28fe0069488dd3be608d3e08962227f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 2642966586113738185
x-content-type-options: nosniff
expires: Thu, 15 May 2025 16:24:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52523
x-xss-protection: 0
server: cafe

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 20ms
6ms Fetch
text/javascript 74.119.117.47
AS-CRITEO

General

Check archive.org

Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: fs-loader.com
URL: https://fs-loader.com/script/www.bleepingcomputer.com.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.47 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

7df27f3a4722eefdd52d8f9a56f71ca08e54e684a3993d74131d1a05c7b94e4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"67ece350-17438"
cross-origin-resource-policy: cross-origin
expires: Fri, 16 May 2025 16:24:47 GMT
access-control-allow-origin: *
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/javascript
last-modified: Wed, 02 Apr 2025 07:12:16 GMT
server: nginx

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 951B 152 KB
0 0ms
0ms Script
text/javascript 142.251.167.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fs-loader.com
URL: https://fs-loader.com/script/www.bleepingcomputer.com.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

ac705f6949eea5f14bc9054d8b4c488e28fe0069488dd3be608d3e08962227f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 2642966586113738185
x-content-type-options: nosniff
expires: Thu, 15 May 2025 16:24:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 15 May 2025 16:24:46 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52523
x-xss-protection: 0
server: cafe

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
366 B 55ms
45ms Image
image/gif 74.119.117.47
AS-CRITEO

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1&upapi=true

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.47 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=31104000, public
timing-allow-origin: *
etag: "493ea254-2b"
cross-origin-resource-policy: cross-origin
expires: Sun, 10 May 2026 16:24:47 GMT
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Thu, 15 May 2025 16:24:47 GMT
content-type: image/gif
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20250513/r20190131/ Frame 4638 8 KB
4 KB 12ms
3ms Document
text/html 172.253.63.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20250513/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505130201/show_ads_impl_fy2021.js?bust=31092430

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

6a424c24d87ae73ecbad531f24cb79757d3cf02f67e3251810530e645f14d791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

age: 11637
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 3857
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 May 2025 13:10:50 GMT
etag: 16990069318026772751
expires: Thu, 29 May 2025 13:10:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 20ms
19ms Image
image/gif 142.251.167.157
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 15 May 2025 16:24:47 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A294 76 B
89 B 177ms
172ms Document
text/html 172.253.63.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1746978789&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ficlicker-hack-targeted-students-with-malware-via-fake-captcha%2F&pra=7&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.15&aiapmi=0.16&aiact=0.7&aicct=0.7&ailct=0.7125789712259947&aimart=8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1747326286837&bpp=2&bdt=332&idt=384&shv=r20250513&mjsv=m202505130201&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3871181674613&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31092370%2C31092461%2C95353387%2C95360610%2C31092430%2C95344787%2C95360954&oid=2&pvsid=2567722985934362&tmod=515909046&uas=0&nvt=1&fsapi=1&fc=896&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=420

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505130201/show_ads_impl_fy2021.js?bust=31092430

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 66
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 May 2025 16:24:47 GMT
expires: Thu, 15 May 2025 16:24:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 connatix.player.js Show response
cds.connatix.com/p/583177/ Frame 4C59 452 KB
108 KB 25ms
24ms Script
text/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cds.connatix.com/p/583177/connatix.player.js?cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1&pid=ce4d4c45-53cb-40cc-88d1-30d789f5b276
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/583177/elLoader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b93de3f2b9d3eacee30474db6fbf12e0a9220b9c1171a8928a6e78f9ce43e4a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "1a7b4ae588f32a230a62920761d39cdc"
x-amz-version-id: Ljnn4MkcE2GXuE2XOi68mi7_ahnBI67.
access-control-allow-methods: *
expires: Fri, 15 May 2026 16:24:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/javascript
last-modified: Thu, 15 May 2025 10:47:29 GMT
x-amz-expiration: expiry-date="Tue, 02 Dec 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
priority: u=3,i=?0
access-control-allow-headers: range
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 9403fccfab2f1ffe-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 110067
server: cloudflare

GET
H/1.1 200
OK / Show response
tag.escalated.io/ 63 KB
26 KB 86ms
44ms Script
application/javascript 3.131.10.225
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.bleepingcomputer.com&type=display&cust=5971&sid=direct&c=&cust2=direct
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.131.10.225 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-131-10-225.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 4d122f37ef0a69023be64b234fdd729f771f8c96ac94180cd964f2a11642976e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"67f94911-fa1e"
Connection: keep-alive
Date: Thu, 15 May 2025 16:24:47 GMT
Content-Type: application/javascript
Last-Modified: Fri, 11 Apr 2025 16:53:37 GMT
Server: nginx

POST
H/1.1 200
OK collect
cdn.firstimpression.io/tracking/ 2 B
612 B 121ms
119ms Ping
text/plain 3.167.99.47
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.firstimpression.io/tracking/collect?b=1
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.99.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-99-47.iad55.r.cloudfront.net
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer

Response headers

x-ioriver: Cloudfront
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: OPTIONS, GET, POST
Via: 1.1 71b24e89f6f9e648d6cc206b3f6cc3da.cloudfront.net (CloudFront)
Access-Control-Request-Method: *
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
X-Cache: Miss from cloudfront
Content-Length: 2
X-Amz-Cf-Id: czyfqwSYaHO2FMMHMoYO6Uzk3fkeyCp4W1qQA-x_O6kA4AENWz8WAw==
Date: Thu, 15 May 2025 16:24:47 GMT
Content-Type: text/plain
X-Amz-Cf-Pop: IAD55-P7
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505140101/ 536 KB
169 KB 5ms
5ms Script
text/javascript 172.253.62.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505140101/pubads_impl.js?cb=31092445

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

92e47bb86596706812879f148d3b5c4e26d7bf85080ed93313eb28cf019e3dcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 5311400821146492101
age: 61285
x-content-type-options: nosniff
expires: Thu, 14 May 2026 23:23:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 14 May 2025 23:23:22 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 172580
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
670 B 19ms
18ms Fetch
application/json 172.253.62.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bleepingcomputer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

6ef1129ab0e3580f06c8974130d0891804e5609ae72c93825cc94bffafe49ea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 15 May 2025 16:24:47 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 645
date: Thu, 15 May 2025 16:24:47 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 / Show response
optimise.net/ 6 KB
6 KB 14ms
7ms Fetch
application/json 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://optimise.net/?k=0&d=bleepingcomputer.com&t=desktop&c=US&r=19

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.engine.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

2f87799dbd030bc2afba370ebf33028a075e9c15d6177f1728acc1b47136fba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
x-api-key: 4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
x-lm: 0

Response headers

access-control-max-age: 3600
access-control-expose-headers: fs-client-rtt,fs-country
age: 127
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
expires: 0
fs-client-rtt: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 15 May 2025 16:22:40 GMT
content-type: application/json
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm, x-ab-test-id, x-test-config-id, timeouts-active
strict-transport-security: max-age=31536000
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.bleepingcomputer.com
content-length: 5776
fs-country: US

OPTIONS
H2 200 /
optimise.net/ Frame 0
0 80ms
47ms Preflight 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://optimise.net/?k=0&d=bleepingcomputer.com&t=desktop&c=US&r=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key,x-lm
Access-Control-Request-Method: GET
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm, x-ab-test-id, x-test-config-id, timeouts-active
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-expose-headers: fs-client-rtt,fs-country
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Thu, 15 May 2025 16:24:47 GMT
expires: 0
fs-client-rtt: 1
fs-country: US
pragma: no-cache
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 530 vkdsgkckckjkskiff24k6k2ks2pj8k5d2820k62c8mfg28k5jkcg2p2cg282c0
fs-loader.com/content/www.bleepingcomputer.com/-1/70/274/209/a/ 6 KB
0 101ms
73ms Fetch
text/html 172.67.70.136
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fs-loader.com/content/www.bleepingcomputer.com/-1/70/274/209/a/vkdsgkckckjkskiff24k6k2ks2pj8k5d2820k62c8mfg28k5jkcg2p2cg282c0

Requested by

Host: fs-loader.com
URL: https://fs-loader.com/script/www.bleepingcomputer.com.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.136 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4XgRvSN4EBfQdfPZePkJdBqFxlobhhiCFhG9UC2VjjttsV%2BbtWXxptnOh6ivK2ajfQkbU%2FW2akr%2BJ6v%2BKE0O3xa4aXjX0zAo78a%2B3%2FDuvvPHYQ98BEpN%2F8doC3eD%2BoA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, PATCH, OPTIONS, DELETE
x-as-version: v6.10.250
expires: Thu, 01 Jan 1970 00:00:01 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=7065&min_rtt=7030&rtt_var=1139&sent=7&recv=9&lost=0&retrans=0&sent_bytes=4029&recv_bytes=2355&delivery_rate=617220&cwnd=254&unsent_bytes=0&cid=2f3be89c27c1bd44&ts=79&x=0"
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/html; charset=UTF-8
vary: Origin, Accept-Encoding
access-control-allow-headers: *
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 9403fcd14f008224-IAD
access-control-allow-origin: https://www.bleepingcomputer.com
server: cloudflare

GET
H3 200 player.user.manager.service.js Show response
cds.connatix.com/p/583177/ Frame 4C59 57 KB
16 KB 26ms
25ms Script
text/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cds.connatix.com/p/583177/player.user.manager.service.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/583177/connatix.player.js?cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1&pid=ce4d4c45-53cb-40cc-88d1-30d789f5b276
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ae4412827630be9431595094d96e7008781746237bd79449b6bb2f95f91a727

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "aef118b7b7e34ba5f6ea8dc3b8d56919"
x-amz-version-id: dL7zw1F3etIXxHKM6C.9TBWLVdGfqr5Y
access-control-allow-methods: *
expires: Fri, 15 May 2026 16:24:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/javascript
last-modified: Thu, 15 May 2025 10:47:29 GMT
x-amz-expiration: expiry-date="Tue, 02 Dec 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
priority: u=3,i=?0
access-control-allow-headers: range
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 9403fcd18cd61ffe-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15670
server: cloudflare

GET
H3 200 player.renderer.js Show response
cds.connatix.com/p/583177/ Frame 4C59 191 KB
47 KB 22ms
21ms Script
text/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cds.connatix.com/p/583177/player.renderer.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/583177/connatix.player.js?cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1&pid=ce4d4c45-53cb-40cc-88d1-30d789f5b276
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fade7346604adef48d6867199eeffff71ab2cb1e884dc166d25267b69d51bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "7a5cd887e165f5a18f03308454c25c3a"
x-amz-version-id: M_EuBkJ9LgSqvVxmweaDPQvDNW0pNzyk
access-control-allow-methods: *
expires: Fri, 15 May 2026 16:24:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/javascript
last-modified: Thu, 15 May 2025 10:47:29 GMT
x-amz-expiration: expiry-date="Tue, 02 Dec 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
priority: u=3,i=?0
access-control-allow-headers: range
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 9403fcd18cd71ffe-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 47198
server: cloudflare

GET
H3 200 cSyncRemoteEntry.js Show response
cds.connatix.com/p/583177/ Frame 4C59 3 KB
2 KB 24ms
24ms Script
text/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cds.connatix.com/p/583177/cSyncRemoteEntry.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/583177/connatix.player.js?cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1&pid=ce4d4c45-53cb-40cc-88d1-30d789f5b276
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24f6cc21c375ef55e2ced72154ea2209c38cdd3c31dff21073e82cab58bc4317

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "c8c24e5c70d2a3ffa2c412f214f1fed4"
x-amz-version-id: friZa88aKSgCwCyFfHlQ5_REsdgetkdN
access-control-allow-methods: *
expires: Fri, 15 May 2026 16:24:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/javascript
last-modified: Thu, 15 May 2025 10:47:29 GMT
x-amz-expiration: expiry-date="Tue, 02 Dec 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
priority: u=3,i=?0
access-control-allow-headers: range
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 9403fcd19cdf1ffe-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1423
server: cloudflare

GET
H3 200 player.style.8c38edec97ecc08cde72.css
cds.connatix.com/a/ 67 KB
10 KB 20ms
20ms Stylesheet
text/css 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cds.connatix.com/a/player.style.8c38edec97ecc08cde72.css
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/583177/connatix.player.js?cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1&pid=ce4d4c45-53cb-40cc-88d1-30d789f5b276
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4958ade9a5818fee106ac79b2bb5afc63af2f2dd20a9fab7b2cbbc42c2c09501

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "4baadc28964884ca05946af0ef839aaa"
x-amz-version-id: zVFsemX6EBbOLwEUns8bboIKryvzYNdI
access-control-allow-methods: *
expires: Fri, 15 May 2026 16:24:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/css
last-modified: Fri, 25 Apr 2025 13:18:33 GMT
vary: Accept-Encoding
priority: u=0,i=?0
access-control-allow-headers: range
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 9403fcd19ce01ffe-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9391
server: cloudflare

GET
H3 200 player.hls.c473260ed89794fc61d1.js Show response
cds.connatix.com/a/ 290 KB
75 KB 23ms
23ms Script
text/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cds.connatix.com/a/player.hls.c473260ed89794fc61d1.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/583177/connatix.player.js?cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1&pid=ce4d4c45-53cb-40cc-88d1-30d789f5b276
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b15822ec82ff6854192041eba92417285e5995858101ce59745f9051c757ec1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "26ff5f6338fa1ac34ab87bdfdb96f553"
x-amz-version-id: 34XIsmyYhiiw7IXW6A93EwcZdt_zeeYM
access-control-allow-methods: *
expires: Fri, 15 May 2026 16:24:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/javascript
last-modified: Thu, 15 May 2025 10:47:31 GMT
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: range
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 9403fcd19ce21ffe-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 76641
server: cloudflare

GET
H3 200 player.ads.js Show response
cds.connatix.com/p/583177/ Frame 4C59 421 KB
98 KB 32ms
32ms Script
text/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cds.connatix.com/p/583177/player.ads.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/583177/connatix.player.js?cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1&pid=ce4d4c45-53cb-40cc-88d1-30d789f5b276
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99ea9369c9b90d2458a8537f24dfda1164b799a99eb566c5d15187102a920cc2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "b5f866d929fbebe3ce75c024950b18b2"
x-amz-version-id: AfFxco1_7kv5qP_ikQ43.kSoQMP3oBo1
access-control-allow-methods: *
expires: Fri, 15 May 2026 16:24:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/javascript
last-modified: Thu, 15 May 2025 10:47:29 GMT
x-amz-expiration: expiry-date="Tue, 02 Dec 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
priority: u=3,i=?0
access-control-allow-headers: range
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 9403fcd19ce31ffe-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 99570
server: cloudflare

POST
H2 204 vkdsgkckckjkskiffk2ks2pj8k5d2820k62c8mfk5vk5jrkcw2ckskng8kskc3kp4k7k7k7k621j2828kjwvk92c8mkjkmkc2820k62c8mo27b2pilk0ka4i42pkh27kb Show response
fs-loader.com/content/www.bleepingcomputer.com/-1/70/274/a/ 0
589 B 139ms
137ms XHR
text/plain 172.67.70.136
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://fs-loader.com/content/www.bleepingcomputer.com/-1/70/274/a/vkdsgkckckjkskiffk2ks2pj8k5d2820k62c8mfk5vk5jrkcw2ckskng8kskc3kp4k7k7k7k621j2828kjwvk92c8mkjkmkc2820k62c8mo27b2pilk0ka4i42pkh27kb
Requested by: Host: fs-loader.com
URL: https://fs-loader.com/script/www.bleepingcomputer.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"ascnsrsggc:61:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:61:0"}],}
access-control-allow-methods: GET, POST, PATCH, OPTIONS, DELETE
x-as-version: v6.10.250
expires: Fri, 01 Jan 1990 00:00:00 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=7343&min_rtt=7030&rtt_var=1194&sent=16&recv=13&lost=0&retrans=0&sent_bytes=11317&recv_bytes=3247&delivery_rate=1086271&cwnd=256&unsent_bytes=0&cid=2f3be89c27c1bd44&ts=304&x=0"
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/plain
last-modified: Sun, 17 May 1998 03:00:00 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:61:0
cf-ray: 9403fcd23ffe8224-IAD
access-control-allow-origin: https://www.bleepingcomputer.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:61:0
server: cloudflare

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 freestar-sdk.js Show response
freestar.solutions.cdn.optable.co/public-assets/ 31 KB
10 KB 36ms
7ms Script
text/javascript 35.244.192.210
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://freestar.solutions.cdn.optable.co/public-assets/freestar-sdk.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.engine.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.192.210 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

210.192.244.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

5fd5fd1a42f15157c28f136045f153850cc59bb28c2fb7d7b0e4afb433569f7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=a8esUQ==, md5=IGtydoVR9X3gKLEby2mdbA==
etag: "206b72768551f57de028b11bcb699d6c"
age: 426
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 10044
date: Thu, 15 May 2025 16:17:41 GMT
last-modified: Tue, 13 May 2025 14:19:23 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AAO2VwqOh3wDZSXHFS6DKwfcVev4Bc2JjTo2B8DEELFebldl2bUxRCXRVeM-Vkfxae12arK5KrR-Ilk
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public,max-age=86400
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
x-goog-generation: 1747145963206573
content-length: 10044
server: UploadServer

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 127 KB
28 KB 79ms
63ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.engine.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f15ba8852458b9db6b12c3c6889b111e4204bd162357a86e30bac2dbd6b7ffdb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "3a6e175ffe621cf5b97da16efaed2e5c"
age: 734
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/javascript
last-modified: Thu, 15 May 2025 15:35:19 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-amz-id-2: hOMl5gISizHHzdTD/LsbTCc+a85bTKWF2Ch4utas3s9ODyMIz3G02no/2Doi0d9byMGV1Z4K610=
cache-control: public, max-age=900, stale-while-revalidate=3600
x-amz-request-id: GHA2NQ7BV8V60ZGY
cf-ray: 9403fcd2999b2d11-IAD
accept-ranges: bytes
content-length: 27820
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 cSyncRemote.js Show response
cds.connatix.com/p/583177/ Frame 4C59 269 KB
64 KB 22ms
21ms Script
text/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cds.connatix.com/p/583177/cSyncRemote.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/583177/cSyncRemoteEntry.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 562c43a418c6b095f1829e3b0b8817240028d3a9fe9b4935d27735ac16f47a93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "23d37df19daaf2c7ae35e757c77717dd"
x-amz-version-id: rqNLgy9oRlukESi0bIuMfXE0i21.a_8G
access-control-allow-methods: *
expires: Fri, 15 May 2026 16:24:47 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/javascript
last-modified: Thu, 15 May 2025 10:47:29 GMT
x-amz-expiration: expiry-date="Tue, 02 Dec 2025 00:00:00 GMT", rule-id="Auto delete after 6 months"
priority: u=3,i=?0
access-control-allow-headers: range
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 9403fcd28db41ffe-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 65060
server: cloudflare

POST
H3 200 mny Show response
capi.connatix.com/core/ Frame 4C59 9 KB
3 KB 61ms
59ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://capi.connatix.com/core/mny?v=583177&cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/583177/connatix.player.js?cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1&pid=ce4d4c45-53cb-40cc-88d1-30d789f5b276
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf6338dec0d7467d4c9437a973c5ae9f4e7992d2090cd57f9c2467892ad3ff19

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: multipart/form-data
Referer

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:47 GMT
content-type: application/x-protobuf
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 9403fcd29fe3204e-IAD
access-control-allow-origin: https://www.bleepingcomputer.com
content-length: 2880
server: cloudflare

POST
H/1.1 200
OK post Show response
tag.escalated.io/ 30 B
444 B 92ms
58ms Fetch
application/json 3.131.10.225
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://tag.escalated.io/post

Requested by

Host: tag.escalated.io
URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.bleepingcomputer.com&type=display&cust=5971&sid=direct&c=&cust2=direct

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.131.10.225 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-131-10-225.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

7dd6cd6a3623ad24eeec007a81adcdb51343e5df67f76b2529917fd678533bab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

Cache-Control: no-store
Connection: keep-alive
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 30
Date: Thu, 15 May 2025 16:24:47 GMT
X-XSS-Protection: 1; mode=block
Content-Type: application/json; charset=utf-8
Server: nginx
Access-Control-Allow-Headers: X-Forwarded-For, X-Requested-With, Content-Type

POST
H3 200 / Show response
capi.connatix.com/metrics/ Frame 4C59 0
407 B 44ms
31ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://capi.connatix.com/metrics/?v=583177&tier=1
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/583177/connatix.player.js?cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1&pid=ce4d4c45-53cb-40cc-88d1-30d789f5b276
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: multipart/form-data
Referer

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:47 GMT
content-type: application/x-protobuf
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 9403fcd3998bf280-IAD
access-control-allow-origin: https://www.bleepingcomputer.com
content-length: 20
server: cloudflare

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/33CYnLkVKFSMCUwC1MMcR-L4HeU/video/ Frame 4C59 180 KB
38 KB 18ms
18ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn.confiant-integrations.net/33CYnLkVKFSMCUwC1MMcR-L4HeU/video/config.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/583177/connatix.player.js?cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1&pid=ce4d4c45-53cb-40cc-88d1-30d789f5b276
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 711a1dedcfcb3297a7546927e04a9f1716ef81b9885c83e1ccc6559090dab6cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "1d5c04b1b8a22d0d6c8ef3d884524d41"
age: 3
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:47 GMT
content-type: text/javascript
last-modified: Thu, 15 May 2025 15:42:19 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-amz-id-2: ALEv0SoCFGpwLK+xXJwaptN2XX77zoLdtEPNRkwUkwu/y2U6NWpuo1ZyYHJolK1w//Yj7N2QsBNmZ/dOuslWv4UF2XouuDWwk+v8DPqQFOg=
cache-control: public, max-age=900, stale-while-revalidate=3600
x-amz-request-id: 7MVK3JFX2039WQ7P
cf-ray: 9403fcd38ae92d11-IAD
accept-ranges: bytes
content-length: 38181
server: cloudflare
x-amz-server-side-encryption: AES256

GET config
na.edge.optable.co/ 0
0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 105 KB
31 KB 94ms
71ms Script
text/javascript 104.22.52.86
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: freestar.solutions.cdn.optable.co
URL: https://freestar.solutions.cdn.optable.co/public-assets/freestar-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

860539ec4f3ee0e11aa746e6d001bfce5654a5b6101563e17cfa4716cfdc4335

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"dcb8906065544836970a0fd171e6738e"
age: 46
expires: Thu, 15 May 2025 17:24:48 GMT
date: Thu, 15 May 2025 16:24:48 GMT
content-type: text/javascript;charset=utf-8
last-modified: Fri, 02 May 2025 06:44:22 GMT
vary: Accept-Encoding
x-amz-id-2: ktNmZ5mhwsCSINB2RZV5vsJYjKUt7d31OQzt7qkl2cHZq43grfa80SPBJ/l0VL9xPnpLgRnlDsG/xSIFGM5NxJdDPzhl4ekh
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
x-amz-request-id: EBFBXV04PZ7Z70ZG
cf-ray: 9403fcd3cdda1ff7-IAD
server: cloudflare
x-amz-server-side-encryption: AES256

GET targeting
na.edge.optable.co/v2/ 0
0

POST
H3 200 pls Show response
capi.connatix.com/core/ Frame 4C59 2 KB
2 KB 45ms
45ms XHR
application/x-protobuf 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://capi.connatix.com/core/pls?v=583177&tier=1&cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1&abid=ADVS-1759-3-ufp3-ml1594-mab&part=Feature
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/583177/connatix.player.js?cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1&pid=ce4d4c45-53cb-40cc-88d1-30d789f5b276
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e32819821f59636d8489068a52f5deebf981b9ada4f2cac7631850b90ff58999

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: multipart/form-data
Referer

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:48 GMT
content-type: application/x-protobuf
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 9403fcd40980204e-IAD
access-control-allow-origin: https://www.bleepingcomputer.com
content-length: 1332
server: cloudflare

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 25ms
17ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.engine.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 27596fbe73dd6b60458b5718492a6f8b95c3efc4c09a3325ad2035a47a9712e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.bleepingcomputer.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36
date: Thu, 15 May 2025 16:24:48 GMT
content-type: text/plain;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 c
c.pub.network/v2/ Frame 0
0 218ms
201ms Preflight 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 15 May 2025 16:24:48 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202504140911/ 339 KB
120 KB 34ms
33ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202504140911/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 763429cfe4867730a9f060d45db2b21adb69036509654659faa0c6b532e18775

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "e837ccc1c5391f1389a181977d8bd171"
age: 54445
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:48 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 14 Apr 2025 14:04:23 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-amz-id-2: hrqmq9QJo7C2k7w9gKujlqTKyJcUhaqHf9K1T199/jcJTUMzcRuivyQKtnDmVWtLryorydKUEApFqB9JDCBLc6090xhq/0Bt
cache-control: public, max-age=31536000
x-amz-request-id: WB8G4J03JYBYX971
cf-ray: 9403fcd42bbd2d11-IAD
accept-ranges: bytes
content-length: 121952
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 tag Show response
btloader.com/ 63 KB
21 KB 50ms
24ms Script
application/javascript 172.67.41.60
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://btloader.com/tag?o=5714937848528896&upapi=true
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a182045cb35073f1d6afb0a128ffad2a7b7878f56e19309ac7e0f23ef9dd1503

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag: noindex, nofollow
cache-control: public, max-age=300, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
cf-cache-status: HIT
etag: "b3a33833f78ae695882e67b4623b94d6"
via: 1.1 google
cf-ray: 9403fcd458d8c99b-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21338
date: Thu, 15 May 2025 16:24:48 GMT
content-type: application/javascript
last-modified: Thu, 15 May 2025 16:21:49 GMT
vary: Accept-Encoding
server: cloudflare

GET targeting
na.edge.optable.co/v2/ 0
0

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/video/202503131009/ Frame 4C59 272 KB
95 KB 23ms
23ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn.confiant-integrations.net/video/202503131009/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/33CYnLkVKFSMCUwC1MMcR-L4HeU/video/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a90fa0078637d089de63716c2d3ac50c09edc8596a51b09fb6fd38b6c791b37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "e4fd019d997eec493d7bf87e05ded178"
age: 2184353
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:48 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 13 Mar 2025 14:19:07 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-amz-id-2: NoQ0oUFSWlWEuByITQk9/3thn2/nG3oR+xbH6MvR1yKkJF8OWc6z32/9WLc9xvmqR8doMs69Hq0moKk53JBUVSMWBUVFB8Du/FY2XtS92I0=
cache-control: public, max-age=31536000
x-amz-request-id: J5NFM3787JYBHYQD
cf-ray: 9403fcd46c472d11-IAD
accept-ranges: bytes
content-length: 96864
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 1_media.bin Show response
vid.connatix.com/pid-ce4d4c45-53cb-40cc-88d1-30d789f5b276/f2590cdd-0bb5-401c-a109-f286e7a52d32/ Frame 4C59 249 B
638 B 62ms
31ms XHR
application/x-protobuf 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vid.connatix.com/pid-ce4d4c45-53cb-40cc-88d1-30d789f5b276/f2590cdd-0bb5-401c-a109-f286e7a52d32/1_media.bin
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/583177/connatix.player.js?cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1&pid=ce4d4c45-53cb-40cc-88d1-30d789f5b276
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac7a0da5c4d856b026aa57737580b265a96014c153213717fb4cf5a4fb3c60e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: W/"1d8131d1fbcacb6d95d40cb572842dbd"
xpid: ce4d4c45-53cb-40cc-88d1-30d789f5b276
access-control-allow-methods: *
expires: Fri, 15 May 2026 16:24:48 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:48 GMT
content-type: application/x-protobuf
last-modified: Thu, 04 Jul 2019 13:00:24 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
priority: u=1,i
access-control-allow-headers: range
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 9403fcd4ae58c922-IAD
access-control-allow-origin: *
server: cloudflare

GET
H3 200 player.iframe.integration.destroy.28d7b97fce4f592315d4.js Show response
cds.connatix.com/a/ 681 B
772 B 21ms
20ms Script
text/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cds.connatix.com/a/player.iframe.integration.destroy.28d7b97fce4f592315d4.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/583177/connatix.player.js?cid=f9509d53-804e-427d-a0bc-1204c0a3bcb1&pid=ce4d4c45-53cb-40cc-88d1-30d789f5b276
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ef3965e4d115e0c67be8adef6f4ad85596f091e636f33957f7866b9c84cd294

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "25214b560073b385cd3acc5f1bf7f226"
x-amz-version-id: OHzv0cKSeezt5fXl8mXr2Ik54CF0t90z
access-control-allow-methods: *
expires: Fri, 15 May 2026 16:24:48 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 15 May 2025 16:24:48 GMT
content-type: text/javascript
last-modified: Thu, 15 May 2025 10:47:31 GMT
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: range
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
cf-ray: 9403fcd47f921ffe-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 357
server: cloudflare

GET
H2 200 websiteconfig Show response
btloader.com/ 951 B
755 B 79ms
58ms Fetch
application/json 172.67.41.60
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896&w=bleepingcomputer.com
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5714937848528896&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8303fc719c3e15bf0e0e6d912c8f7b2f007c48f34bb17425da3d04288be333ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
cf-cache-status: HIT
etag: "29da9fb7d8665066dbc2f26a6020571b"
age: 122
via: 1.1 google
cf-ray: 9403fcd4dde3e5f8-IAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 472
date: Thu, 15 May 2025 16:24:48 GMT
content-type: application/json
last-modified: Thu, 15 May 2025 16:21:21 GMT
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 px.gif
ad-delivery.net/ 43 B
48 B 27ms
22ms Image
image/gif 104.22.5.65
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 1701914
x-goog-stored-content-encoding: identity
expires: Fri, 16 May 2025 16:24:48 GMT
x-goog-stored-content-length: 43
date: Thu, 15 May 2025 16:24:48 GMT
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
content-type: image/gif
x-guploader-uploadid: AKDAyIt4YLWYzAwTiIKx18Gc4lB13ND5qfUcspzuPNRZNLolU68AjZyt82j--yAeMCjv_2aG_1UnxIc
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
cf-ray: 9403fcd4bc04c99f-IAD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
0 3ms
3ms Image
image/x-icon 192.178.155.149
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.178.155.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yuiadrs-in-f149.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 16361
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Fri, 16 May 2025 11:52:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 15 May 2025 11:52:05 GMT
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 104
x-xss-protection: 0
server: sffe

GET
H2 200 px.gif
ad-delivery.net/ 43 B
165 B 15ms
11ms Image
image/gif 104.22.5.65
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.7191116571714538
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 1701914
x-goog-stored-content-encoding: identity
expires: Fri, 16 May 2025 16:24:48 GMT
x-goog-stored-content-length: 43
date: Thu, 15 May 2025 16:24:48 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: AKDAyIt4YLWYzAwTiIKx18Gc4lB13ND5qfUcspzuPNRZNLolU68AjZyt82j--yAeMCjv_2aG_1UnxIc
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
via: 1.1 google
cf-ray: 9403fcd4abd6c99f-IAD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
BLOB 200
OK 65fd09fa-2c66-4f1d-90aa-164fd0e6582a Show response
https://www.bleepingcomputer.com/ Frame 3996 3 KB
0 Script
application/javascript

General

Check archive.org

Download Go to

Full URL: blob:https://www.bleepingcomputer.com/65fd09fa-2c66-4f1d-90aa-164fd0e6582a
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202504140911/wrap.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0437d361c7a504a8985fd7a65a27ee31abbd9ad65a9af9dad02c4f2f3b8f8de2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: application/javascript
Content-Length: 2989

GET
H2 200 country Show response
api.btloader.com/ 37 B
216 B 68ms
46ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.btloader.com/country?o=5714937848528896
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5714937848528896&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: b8f0ca68362cf245f891fc09ddfa50806d195e78e196cf96ac5d9cf72be2577a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
date: Thu, 15 May 2025 16:24:48 GMT
content-type: application/json
vary: Origin

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 34ms
22ms XHR
application/json 142.250.31.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20250513&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505130201/show_ads_impl_fy2021.js?bust=31092430

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

5e65b8c9cfce3fb3b8de32c58e1d61dfaa0476889f4280fa0e3b9c869fdae464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13217
date: Thu, 15 May 2025 16:24:48 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H2 204 pv
api.btloader.com/ 0
0 50ms
45ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.btloader.com/pv?nlf=false&tid=cDOcae5WC-4M7UxlClA-96d4c340e0&sid=6YAl86V1-xbEPioXTVu-96d4c340e0&cv=2.1.95-1-g2f4be39&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5714937848528896&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

via: 1.1 google
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 15 May 2025 16:24:48 GMT
vary: Origin

GET
H2 200 bleeping.ico
www.bleepstatic.com/favicon/ 8 KB
9 KB 17ms
16ms Other
application/octet-stream 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.bleepstatic.com/favicon/bleeping.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b76cbc969c7c82e75c421e174224d789946300b96001ad530ccf22d630779aa9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 561202
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=az699S%2FOcp29GHS6pdLb%2FtjAt0MLqQ2UTbeNBSQrNb9Gnd0rn6oOBRBxqdrJn%2F654%2FTNyh0uTWkVU7mvDXZkFMGFB1CitgAiBSXeCxJrFNGrNEw9cRU8Z%2BozcW8zXPO5t0%2F9Orc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 9403fcd69c568651-IAD
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=11560&min_rtt=5371&rtt_var=11636&sent=420&recv=209&lost=0&retrans=1&sent_bytes=499121&recv_bytes=5192&delivery_rate=30841049&cwnd=466&unsent_bytes=0&cid=a30e1c7dcfb9469e&ts=1896&x=0"
content-length: 8380
date: Thu, 15 May 2025 16:24:48 GMT
content-type: application/octet-stream
last-modified: Wed, 28 Nov 2012 22:22:57 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 17ms
17ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.engine.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 27596fbe73dd6b60458b5718492a6f8b95c3efc4c09a3325ad2035a47a9712e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.bleepingcomputer.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36
date: Thu, 15 May 2025 16:24:48 GMT
content-type: text/plain;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202505150101/ 63 KB
23 KB 4ms
3ms Other
text/plain 172.253.62.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202505150101/gpt

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

deaa9f5c4d4fa7de7c794a5df1538e4b16f7d954857ed13a88eddbc8f9bb5508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4122429157068215054
age: 5015
x-content-type-options: nosniff
expires: Thu, 22 May 2025 15:01:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 15 May 2025 15:01:13 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23104
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202505150101"

POST sync
capi.connatix.com/core/ Frame 4C59 0
0

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 439ms
118ms Script
text/javascript 142.250.31.132
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505130201/show_ads_impl_fy2021.js?bust=31092430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f132.1e100.net

Software

sffe /

Resource Hash

f2c50a16459c96e45c44e339dba2764807e8c3a174cdd8804f3fbee6a6b19198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "1746579216026011"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Thu, 15 May 2025 16:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 15 May 2025 16:24:48 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6641
x-xss-protection: 0
server: sffe

GET player.ui.js
cds.connatix.com/p/583177/ Frame 4C59 0
0

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 4C59 0
0

POST
H2 400 vkdsgkckckjkskiffk2ks2pj8k5d2820k62c8mfk5vk5jrkcw2ckskng8kskc3kp4o27b2pilk0ka4i42pkh27kb Show response
fs-loader.com/content/www.bleepingcomputer.com/-1/70/274/a/ 0
452 B 52ms
51ms XHR
text/plain 172.67.70.136
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://fs-loader.com/content/www.bleepingcomputer.com/-1/70/274/a/vkdsgkckckjkskiffk2ks2pj8k5d2820k62c8mfk5vk5jrkcw2ckskng8kskc3kp4o27b2pilk0ka4i42pkh27kb
Requested by: Host: fs-loader.com
URL: https://fs-loader.com/script/www.bleepingcomputer.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qsh1LR4adnk4%2Bvp2Q4JtSZkB%2Bmh9JgENoI1jaIaKnifhjU%2FpHhqvVeX65as5P64%2F5A5fHHHULS67xeZgp5IXCZeiKTslDvBORqjxBcb%2FgEmc49dVtdG%2Fv1BGquNyFnI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, PATCH, OPTIONS, DELETE
x-as-version: v6.10.250
server-timing: cfL4;desc="?proto=TCP&rtt=12482&min_rtt=7030&rtt_var=11172&sent=19&recv=16&lost=0&retrans=0&sent_bytes=11928&recv_bytes=3968&delivery_rate=1086271&cwnd=256&unsent_bytes=0&cid=2f3be89c27c1bd44&ts=1087&x=0"
date: Thu, 15 May 2025 16:24:48 GMT
content-type: text/plain;charset=UTF-8
vary: Origin, Accept-Encoding
access-control-allow-headers: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
cf-ray: 9403fcd79d3f8224-IAD
access-control-allow-origin: https://www.bleepingcomputer.com
content-length: 0
server: cloudflare

GET
H2 200 bounce Show response
id5-sync.com/ 29 B
462 B 361ms
176ms Fetch
text/plain 162.19.138.116
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.bleepingcomputer.com
p3p: CP="CAO PSA OUR"
date: Thu, 15 May 2025 16:24:48 GMT
content-type: text/plain;charset=utf-8
vary: Origin

GET v1
lbs.eu-1-id5-sync.com/lbs/ 0
0

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 45 B
296 B 360ms
177ms Fetch
application/json 141.95.33.120
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

48aef5d3fd286c383699cbffe5292d90f0f04de12657c8dfb2be4162b8793028

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.bleepingcomputer.com
date: Thu, 15 May 2025 16:24:48 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 v3 Show response
id5-sync.com/gm/ 1 KB
2 KB 181ms
180ms XHR
application/json 162.19.138.116
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

96fb0a95004de20dd6966cabf7ce01e2f38ebc13e1bd6d2fc839b0dd82354e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.bleepingcomputer.com
p3p: CP="CAO PSA OUR"
date: Thu, 15 May 2025 16:24:49 GMT
content-type: application/json
vary: Origin

GET targeting
na.edge.optable.co/v2/ 0
0

POST
H/1.1 200
OK collect
cdn.firstimpression.io/tracking/ 2 B
612 B 75ms
74ms Ping
text/plain 3.167.99.47
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.firstimpression.io/tracking/collect?b=1
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.99.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-99-47.iad55.r.cloudfront.net
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer

Response headers

x-ioriver: Cloudfront
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: OPTIONS, GET, POST
Via: 1.1 71b24e89f6f9e648d6cc206b3f6cc3da.cloudfront.net (CloudFront)
Access-Control-Request-Method: *
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
X-Cache: Miss from cloudfront
Content-Length: 2
X-Amz-Cf-Id: srpS9ikmGf0LRiqSw4zTSgIG7So33UkGEap3a0aNCcIQhbZZIkCrwQ==
Date: Thu, 15 May 2025 16:24:57 GMT
Content-Type: text/plain
X-Amz-Cf-Pop: IAD55-P7
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: na.edge.optable.co
URL: https://na.edge.optable.co/config?osdk=web-v0.34.0&sid=oorVlRFc2q-7LMlxU7-MYw&t=freestar-auth&o=bleepingcomputer-com&cookies=no&passport=

Domain: na.edge.optable.co
URL: https://na.edge.optable.co/v2/targeting?id=__ip__&osdk=web-v0.34.0&sid=5lQ7Wmn3SLA94mrEC4_DVg&t=freestar&o=bleepingcomputer-com&cookies=no&passport=

Domain: na.edge.optable.co
URL: https://na.edge.optable.co/v2/targeting?id=__passport__&osdk=web-v0.34.0&sid=oorVlRFc2q-7LMlxU7-MYw&t=freestar-auth&o=bleepingcomputer-com&cookies=no&passport=

Domain: capi.connatix.com
URL: https://capi.connatix.com/core/sync

Domain: cds.connatix.com
URL: https://cds.connatix.com/p/583177/player.ui.js

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: lbs.eu-1-id5-sync.com
URL: https://lbs.eu-1-id5-sync.com/lbs/v1

Domain: na.edge.optable.co
URL: https://na.edge.optable.co/v2/targeting?id=id5%3AID5*XiZu0LXHvvR44OntfWd8f0Zj2xKzMmN8hV1b4C9lnnIZi8byKAsBmfLYHYsuon_P&osdk=web-v0.34.0&sid=42At3TVElf0lAJqJw0lxFA&t=freestar-id5&o=bleepingcomputer-com&cookies=no&passport=

Verdicts & Comments Add Verdict or Comment

99 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bleepingcomputer.com/	1969-12-31 23:59:59	Name: session_id Value: f6c950b977ffba73f21727ae502420fe
www.bleepingcomputer.com/	1970-01-21 06:05:18	Name: lav Value: 22703
.pub.network/	1970-01-21 14:58:06	Name: _fsuid Value: ed8b1049-e6db-4583-bb19-ab14c5d8a582
.bleepingcomputer.com/	1970-01-21 14:58:06	Name: _ga_GD465VRQLD Value: GS2.1.s1747326287$o1$g0$t1747326287$j0$l0$h0
.bleepingcomputer.com/	1970-01-21 14:58:06	Name: _ga Value: GA1.1.545817626.1747326287
cdn.firstimpression.io/	1970-01-21 14:07:42	Name: OAID Value: e9bb8d93f696ba70fb4e60975d361719
.doubleclick.net/	1970-01-21 05:22:07	Name: test_cookie Value: CheckForPermission
.connatix.com/	1970-01-21 06:05:18	Name: cnx_userId Value: 1-0ff87206659b4c7894c2e0c25875a85d
.id5-sync.com/	1970-01-21 07:31:42	Name: id5 Value: 483086ed-4106-7e5a-9991-5b848507e635#1747326288918#2

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0909D059C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://fs-loader.com/content/www.bleepingcomputer.com/-1/70/274/209/a/vkdsgkckckjkskiff24k6k2ks2pj8k5d2820k62c8mfg28k5jkcg2p2cg282c0 Message: Failed to load resource: the server responded with a status of 530 ()
rendering	warning	URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0609D059C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.bleepingcomputer.com&type=display&cust=5971&sid=direct&c=&cust2=direct(Line 9) Message: WebSocket connection to 'wss://testerr.escalated.io/testerr191i' failed:
rendering	warning	URL: about:blank Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E01C009C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript	error	URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/ Message: Access to fetch at 'https://na.edge.optable.co/v2/targeting?id=__ip__&osdk=web-v0.34.0&sid=5lQ7Wmn3SLA94mrEC4_DVg&t=freestar&o=bleepingcomputer-com&cookies=no&passport=' from origin 'https://www.bleepingcomputer.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://na.edge.optable.co/v2/targeting?id=__ip__&osdk=web-v0.34.0&sid=5lQ7Wmn3SLA94mrEC4_DVg&t=freestar&o=bleepingcomputer-com&cookies=no&passport= Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/ Message: Access to fetch at 'https://na.edge.optable.co/config?osdk=web-v0.34.0&sid=oorVlRFc2q-7LMlxU7-MYw&t=freestar-auth&o=bleepingcomputer-com&cookies=no&passport=' from origin 'https://www.bleepingcomputer.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://na.edge.optable.co/config?osdk=web-v0.34.0&sid=oorVlRFc2q-7LMlxU7-MYw&t=freestar-auth&o=bleepingcomputer-com&cookies=no&passport= Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.bleepingcomputer.com/news/security/iclicker-hack-targeted-students-with-malware-via-fake-captcha/ Message: Access to fetch at 'https://na.edge.optable.co/v2/targeting?id=__passport__&osdk=web-v0.34.0&sid=oorVlRFc2q-7LMlxU7-MYw&t=freestar-auth&o=bleepingcomputer-com&cookies=no&passport=' from origin 'https://www.bleepingcomputer.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://na.edge.optable.co/v2/targeting?id=__passport__&osdk=web-v0.34.0&sid=oorVlRFc2q-7LMlxU7-MYw&t=freestar-auth&o=bleepingcomputer-com&cookies=no&passport= Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://fs-loader.com/content/www.bleepingcomputer.com/-1/70/274/a/vkdsgkckckjkskiffk2ks2pj8k5d2820k62c8mfk5vk5jrkcw2ckskng8kskc3kp4o27b2pilk0ka4i42pkh27kb Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://lbs.eu-1-id5-sync.com/lbs/v1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: about:blank Message: Access to fetch at 'https://na.edge.optable.co/v2/targeting?id=id5%3AID5*XiZu0LXHvvR44OntfWd8f0Zj2xKzMmN8hV1b4C9lnnIZi8byKAsBmfLYHYsuon_P&osdk=web-v0.34.0&sid=42At3TVElf0lAJqJw0lxFA&t=freestar-id5&o=bleepingcomputer-com&cookies=no&passport=' from origin 'https://www.bleepingcomputer.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://na.edge.optable.co/v2/targeting?id=id5%3AID5XiZu0LXHvvR44OntfWd8f0Zj2xKzMmN8hV1b4C9lnnIZi8byKAsBmfLYHYsuon_P&osdk=web-v0.34.0&sid=42At3TVElf0lAJqJw0lxFA&t=freestar-id5&o=bleepingcomputer-com&cookies=no&passport= Message*: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
ad-delivery.net
ad.doubleclick.net
api.btloader.com
btloader.com
c.pub.network
capi.connatix.com
cd.connatix.com
cdn.confiant-integrations.net
cdn.firstimpression.io
cdn.id5-sync.com
cds.connatix.com
d.pub.network
ecdn.analysis.fi
ecdn.firstimpression.io
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
freestar.solutions.cdn.optable.co
fs-loader.com
googleads.g.doubleclick.net
id5-sync.com
imasdk.googleapis.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
na.edge.optable.co
optimise.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.criteo.net
tag.escalated.io
vid.connatix.com
widgets.outbrain.com
www.bleepingcomputer.com
www.bleepstatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
capi.connatix.com
cds.connatix.com
imasdk.googleapis.com
lbs.eu-1-id5-sync.com
na.edge.optable.co
104.18.20.206
104.18.41.104
104.20.185.56
104.22.5.65
104.22.52.86
104.26.12.6
130.211.23.194
141.95.33.120
142.250.31.132
142.250.31.155
142.251.111.104
142.251.111.95
142.251.16.138
142.251.16.94
142.251.167.157
142.251.179.97
162.19.138.116
172.253.122.94
172.253.62.157
172.253.63.155
172.64.144.166
172.64.146.152
172.67.41.60
172.67.70.136
192.178.155.149
23.62.165.92
3.131.10.225
3.167.99.47
3.167.99.7
3.171.76.44
34.111.152.239
34.160.152.31
35.244.192.210
74.119.117.47
02d11730632423a78c31ba1142441c96f7584af4efbeeaa46284b57cf89fee7d
0437d361c7a504a8985fd7a65a27ee31abbd9ad65a9af9dad02c4f2f3b8f8de2
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
0fad3b1bced72da2d8abd6bd616e7ca419496e800c488dd39087370ba5093e0a
1222c171f51afb03d90e701e6d1a9dbdbe31514f57c26b689f4e230ef328391f
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
24f6cc21c375ef55e2ced72154ea2209c38cdd3c31dff21073e82cab58bc4317
27596fbe73dd6b60458b5718492a6f8b95c3efc4c09a3325ad2035a47a9712e7
2f87799dbd030bc2afba370ebf33028a075e9c15d6177f1728acc1b47136fba2
30f4e2ca519c90e28b9e1ca27a7e85321f2ce20480a5a87de53c4493cf6bc9dc
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4
3b0b06a747142a45b45bf5b3dd9ecaf881bcfa83cd922e41c7570f76a53a3f28
3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718
4461c6adc3e598761f2b18f92d604320819bdadf1451e6286f205f63787b24ad
46df571cd4f45ab1dc6700a97785973edd29964bf3572c79d0f9756dedf06f3c
48aef5d3fd286c383699cbffe5292d90f0f04de12657c8dfb2be4162b8793028
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4958ade9a5818fee106ac79b2bb5afc63af2f2dd20a9fab7b2cbbc42c2c09501
49c11d91b14834ea991c1b475e3a3d845c190189db1f99bf186b6cafec9d8ca9
4d122f37ef0a69023be64b234fdd729f771f8c96ac94180cd964f2a11642976e
4d1dbabed68b7b6512344bcd403c99b6b584d44bec9842e84b30f98739306d76
4ef3965e4d115e0c67be8adef6f4ad85596f091e636f33957f7866b9c84cd294
53889c58afca45422463198a257dfcb2ad352f6a593fad93ec666bf0eecf1fe3
55dcd0399bc75ef1c286cc76582692fd10d69fc9cb024ef98c8cf40331aaf5db
562c43a418c6b095f1829e3b0b8817240028d3a9fe9b4935d27735ac16f47a93
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5e65b8c9cfce3fb3b8de32c58e1d61dfaa0476889f4280fa0e3b9c869fdae464
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5fd5fd1a42f15157c28f136045f153850cc59bb28c2fb7d7b0e4afb433569f7a
60df7334834a1bcb816799f1486abdea83e23b12658dc370b41ac46c6b938ca9
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2
682dc9a9f4e97293302968e7f4956b4096978d2d2a9257a49df8d0ddc3c5e396
6a424c24d87ae73ecbad531f24cb79757d3cf02f67e3251810530e645f14d791
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6ef1129ab0e3580f06c8974130d0891804e5609ae72c93825cc94bffafe49ea1
711a1dedcfcb3297a7546927e04a9f1716ef81b9885c83e1ccc6559090dab6cb
763429cfe4867730a9f060d45db2b21adb69036509654659faa0c6b532e18775
7945a016863643f7dcba9d9052700f792f2aa7573773c1e54e75ad796e5f0697
7a5d218c8e40dc33b9a0c27b49c2a5d0c9696ea53ee6371882d348a31116ae9b
7a90fa0078637d089de63716c2d3ac50c09edc8596a51b09fb6fd38b6c791b37
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7dd6cd6a3623ad24eeec007a81adcdb51343e5df67f76b2529917fd678533bab
7df27f3a4722eefdd52d8f9a56f71ca08e54e684a3993d74131d1a05c7b94e4b
8303fc719c3e15bf0e0e6d912c8f7b2f007c48f34bb17425da3d04288be333ba
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
860539ec4f3ee0e11aa746e6d001bfce5654a5b6101563e17cfa4716cfdc4335
863ab50a39fc203ca8f614cef14c6cc700ee64bfeacd41426dce9ef8cbd98509
8b93de3f2b9d3eacee30474db6fbf12e0a9220b9c1171a8928a6e78f9ce43e4a
8f6189b44d3c306350076efee741fa078c369ac7718e35de07dc5c9ebac20259
92e47bb86596706812879f148d3b5c4e26d7bf85080ed93313eb28cf019e3dcd
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
96fb0a95004de20dd6966cabf7ce01e2f38ebc13e1bd6d2fc839b0dd82354e4f
99ea9369c9b90d2458a8537f24dfda1164b799a99eb566c5d15187102a920cc2
9ae4412827630be9431595094d96e7008781746237bd79449b6bb2f95f91a727
9b15822ec82ff6854192041eba92417285e5995858101ce59745f9051c757ec1
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949
9fade7346604adef48d6867199eeffff71ab2cb1e884dc166d25267b69d51bb3
a182045cb35073f1d6afb0a128ffad2a7b7878f56e19309ac7e0f23ef9dd1503
a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc
a7e925f6192a3f7907621f9dde8afc47752d671d4a796f2cd5a53cfbc07c214b
a879cdbd44c63f9f958164e08a67ef52e5e1119bd2cc171eb4c25c311c98c33d
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460
ac705f6949eea5f14bc9054d8b4c488e28fe0069488dd3be608d3e08962227f5
ac7a0da5c4d856b026aa57737580b265a96014c153213717fb4cf5a4fb3c60e0
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b63d046811474bfb57375ef7981569d61e827852e5f95760c43de01f67639fda
b76cbc969c7c82e75c421e174224d789946300b96001ad530ccf22d630779aa9
b7e6cd975a12571d6c31e90025ae248e62e951fd4482e51fcd5330329c873a9c
b8f0ca68362cf245f891fc09ddfa50806d195e78e196cf96ac5d9cf72be2577a
b97594b67e1f38a7d282fabe5760651d1bdd8025867b5bce1d0d0b1016168c06
ba9d9cdbef4e87f339fc01c9171f2047e6c8a11ad4e4f8c28171d05111ded0f6
bac85e662bff5e8d94bea12a289d12303c46f0d2d0cf4ba25e8feb1ea8ac5996
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2347c04737c6ffb595533feff266286e7697640cf040278e8ee36df8a2b58c8
c6edc0a66e5e7b2ce8f7c40a3d1184cccd529f719137e2265b60206adaec4e74
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6338dec0d7467d4c9437a973c5ae9f4e7992d2090cd57f9c2467892ad3ff19
cfac05f501d6d4d62e29fff1049569c3c2aa8732af8db3a36e8fa252f05f5861
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbd2a35e72edc7d6bde483481a912f1c38aa57fab2747d9b071d317339ee03a2
deaa9f5c4d4fa7de7c794a5df1538e4b16f7d954857ed13a88eddbc8f9bb5508
ded8ccc0bf2159ddbcda148611365dd27ddbca253518d5a939a6b9159263416e
e32819821f59636d8489068a52f5deebf981b9ada4f2cac7631850b90ff58999
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b44750220d727c090989a6db1b914c5caf31d0dc9b146ad8f61f248933aa04
e5aa8fa9c7d3da1ba562f674abf3e8d18ec240fcbcf7840ef3459a2c6125a23e
ee76589e38c86be29d55879316a40510e796d3e900e3a0c3fb007f49edfd5b25
ee9b2fe75e3a5637b840957e2f9aefedb394224a1846a731ad7ead76abf91d58
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef815817fec6e1cddbfc703cb4a73e6af6d7ed1a8ee24b8460485948efcb3f7b
efe527cf424c7710e87f51d6fe0cff69843ba1a5af5e939f04eda7a8ac76e8b8
f15ba8852458b9db6b12c3c6889b111e4204bd162357a86e30bac2dbd6b7ffdb
f2c50a16459c96e45c44e339dba2764807e8c3a174cdd8804f3fbee6a6b19198
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.bleepingcomputer.com 104.20.185.56 Public Scan Open in urlscan Pro

Internal

Effective Hostname

Submitted URL

Effective IP

Summary

urlscan.io Verdict: No classification

Domain & IP information

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

www.bleepingcomputer.com
104.20.185.56 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

126
Requests

92 %
HTTPS

0 %
IPv6

25
Domains

40
Subdomains

34
IPs

3
Countries

2803 kB
Transfer

8379 kB
Size

9
Cookies

126 HTTP transactions
3 data transactions