URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Submission Tags: falconsandbox
Submission: On June 29 via api from US — Scanned from DE

Summary

This website contacted 24 IPs in 7 countries across 24 domains to perform 237 HTTP transactions. The main IP is 2606:4700:20::ac43:4810, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.redpacketsecurity.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 17th 2022. Valid for: a year.
This is the only time www.redpacketsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
66 2606:4700:20:... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
4 149.154.164.13 62041 (TELEGRAM)
15 2a00:1450:400... 15169 (GOOGLE)
1 1 172.217.18.98 15169 (GOOGLE)
2 26 2a00:1450:400... 15169 (GOOGLE)
7 12 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 104.222.176.10 6762 (SEABONE-N...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 37.157.4.40 198622 (ADFORM)
2 5 2620:116:800d... 16509 (AMAZON-02)
1 1 3.122.145.17 16509 (AMAZON-02)
23 142.250.185.130 15169 (GOOGLE)
5 5 104.89.42.102 16625 (AKAMAI-AS)
5 35.186.253.211 15169 (GOOGLE)
5 185.64.190.78 62713 (AS-PUBMATIC)
5 5 69.173.144.138 26667 (RUBICONPR...)
6 6 104.18.19.126 13335 (CLOUDFLAR...)
3 3 34.251.55.128 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
1 35.244.174.68 15169 (GOOGLE)
237 24
Apex Domain
Subdomains
Transfer
66 redpacketsecurity.com
www.redpacketsecurity.com
1 MB
49 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
161 KB
41 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
350 KB
22 gstatic.com
fonts.gstatic.com
www.gstatic.com
316 KB
15 google.com
www.google.com — Cisco Umbrella Rank: 8
analytics.google.com — Cisco Umbrella Rank: 541
adservice.google.com — Cisco Umbrella Rank: 92
2 KB
10 tg.dev
tg.dev — Cisco Umbrella Rank: 78739
oauth.tg.dev — Cisco Umbrella Rank: 78882
169 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
80 KB
6 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576
6 KB
5 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
2 KB
5 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 629
330 B
5 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1589
676 B
5 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1872
4 KB
5 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1107
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 179
212 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 5448
adservice.google.de — Cisco Umbrella Rank: 7751
914 B
4 comments.app
comments.app — Cisco Umbrella Rank: 685769
48 KB
3 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 3023
1 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
partner.googleadservices.com — Cisco Umbrella Rank: 867
1 KB
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1325
11 KB
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 635
98 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 907
356 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 557
757 B
1 seadform.net
track.seadform.net — Cisco Umbrella Rank: 107728
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
237 24
Domain Requested by
66 www.redpacketsecurity.com www.redpacketsecurity.com
static.cloudflareinsights.com
26 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
25 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
23 cm.g.doubleclick.net googleads.g.doubleclick.net
15 pagead2.googlesyndication.com www.redpacketsecurity.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
13 www.gstatic.com googleads.g.doubleclick.net
12 www.google.com 7 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
9 tg.dev comments.app
9 fonts.gstatic.com fonts.googleapis.com
9 fonts.googleapis.com www.redpacketsecurity.com
comments.app
tg.dev
googleads.g.doubleclick.net
6 ssum-sec.casalemedia.com 6 redirects
5 pixel.rubiconproject.com 5 redirects
5 image6.pubmatic.com googleads.g.doubleclick.net
5 rtb.openx.net googleads.g.doubleclick.net
5 e.dlx.addthis.com 5 redirects
5 cms.quantserve.com 2 redirects googleads.g.doubleclick.net
5 www.googletagservices.com googleads.g.doubleclick.net
4 comments.app www.redpacketsecurity.com
comments.app
3 pixel.everesttech.net 3 redirects
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google.de
2 static.cloudflareinsights.com www.redpacketsecurity.com
1 id.rlcdn.com googleads.g.doubleclick.net
1 odr.mookie1.com googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 track.seadform.net googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 oauth.tg.dev comments.app
1 stats.g.doubleclick.net www.redpacketsecurity.com
1 analytics.google.com www.redpacketsecurity.com
1 www.googleadservices.com 1 redirects
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
237 33
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-17 -
2023-06-17
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.comments.app
Go Daddy Secure Certificate Authority - G2
2022-03-30 -
2023-05-01
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.tg.dev
Go Daddy Secure Certificate Authority - G2
2022-04-08 -
2023-05-10
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google.de
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.seadform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-20 -
2022-11-04
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2021-08-04 -
2022-09-04
a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-24 -
2023-03-27
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh

This page contains 25 frames:

Primary Page: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Frame ID: 37DA7CC45EDC643D46C8CF6C49CC5F4A
Requests: 89 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/zrt_lookup.html
Frame ID: 4BEE4C444221D3E9774ECB85E408DFD7
Requests: 1 HTTP requests in this frame

Frame: https://comments.app/embed/view?website=S_Epbvwz&page_url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&origin=https%3A%2F%2Fwww.redpacketsecurity.com&page_title=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&limit=5&color=E22F38
Frame ID: C5F51F8EBFF1E8DFA24ADAF12F91A865
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&adk=1812271804&adf=3025194257&lmt=1656500643&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039165&bpp=3&bdt=902&idt=385&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8545601013669&frm=20&pv=2&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=405
Frame ID: B6BF914E21617856865413DC9D432F8A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=401700074&adf=3899895289&pi=t.aa~a.1129142743~i.8~rp.1&w=1038&fwrn=4&fwrnh=100&lmt=1656500643&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6266461316&psa=0&ad_type=text_image&format=1038x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rh=200&rw=1037&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=3&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0&nras=2&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=90&ady=1541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=V9qQDhEz1r&p=https%3A//www.redpacketsecurity.com&dtd=19
Frame ID: 0938F03A4EE0DB7EF09D4C3B1B48023C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Frame ID: 6E767EA2D55704F4EF50BC8C5A116342
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Frame ID: 3129C696A27581A3B6CA3DD703CB54F8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Frame ID: 5CDAB9B4D6C22BE7495986050F9D3E1D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Frame ID: 3FF1B8990A92A1377F57B14FB95A7A6C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Frame ID: D9C8D8823DA63D9F7F4834ECF5FA1FBB
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 374115496D825D70F56DF16CB4936605
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 43EC0CF187AC4959B4B056A997823284
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5C4A9FD4F71BBD18702E9582C94859C1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D29FD39FC7D5C7B71A4A034BF1FCF28D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 86630576E62BDDE2D5A1516EE7BF7AEE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C37E41185E8E3808159B309AC494392F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D6686D0E5BE9999175B4590827A040CB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 047F6B2AF03FFBD8BB070125FC8F8A28
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AFECB13A071443EB06C7CA62BC3B5250
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A8014F7E22C85004A3E25F43C59259BB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ViAmyRY-LKGlXGI_ktt9sOy-HRzFpgmS9L9D6qSMV6s.js
Frame ID: 394D0DFDFDBC79A581535FFFDA8E686B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A2263B92B9AB842F471ACDDB4E2C2552
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 221C24BFEC7122CFFD034ADAE2790103
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ViAmyRY-LKGlXGI_ktt9sOy-HRzFpgmS9L9D6qSMV6s.js
Frame ID: BC45974917D3BC03360F70BAC2A12B56
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ViAmyRY-LKGlXGI_ktt9sOy-HRzFpgmS9L9D6qSMV6s.js
Frame ID: E4158CDB19ABD90173D7CC79276BC309
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Black Basta Ransomware Victim: New Peoples Bank - RedPacket Security

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns


Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

237
Requests

91 %
HTTPS

52 %
IPv6

24
Domains

33
Subdomains

24
IPs

7
Countries

2418 kB
Transfer

6248 kB
Size

28
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://www.googleadservices.com/pagead/conversion/4209956877/?guid=ON&random=1656509525378&fst=1656509038886&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&tiba=Black+Basta+Ransomware+Victim%3A+New+Peoples+Bank+-+RedPacket+Security&u_tz=0&u_his=10&ig=1 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/4209956877/?guid=ON&random=649849245&fst=1656509038886&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&tiba=Black+Basta+Ransomware+Victim%3A+New+Peoples+Bank+-+RedPacket+Security&u_tz=0&u_his=10&ig=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=b1K8YoLrDJW-lgSR2JWoAg&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/4209956877/?guid=ON&random=649849245&fst=1656509038886&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&tiba=Black+Basta+Ransomware+Victim%3A+New+Peoples+Bank+-+RedPacket+Security&u_tz=0&u_his=10&ig=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b1K8YoLrDJW-lgSR2JWoAg&cid=CAQSKQCNIrLMJtLOrYkq2ht4jVwo8p0PgHoFAG6_I-1pAAnutWnUdvCSTY-X&random=2324084328 HTTP 302
  • https://www.google.de/pagead/1p-conversion/4209956877/?guid=ON&random=649849245&fst=1656509038886&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&tiba=Black+Basta+Ransomware+Victim%3A+New+Peoples+Bank+-+RedPacket+Security&u_tz=0&u_his=10&ig=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b1K8YoLrDJW-lgSR2JWoAg&cid=CAQSKQCNIrLMJtLOrYkq2ht4jVwo8p0PgHoFAG6_I-1pAAnutWnUdvCSTY-X&random=2324084328&ipr=y&prhg=0
Request Chain 64
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/4209956877/?guid=ON&random=1656509525378&fst=1656509038886&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&tiba=Black+Basta+Ransomware+Victim%3A+New+Peoples+Bank+-+RedPacket+Security&u_tz=0&u_his=10&ig=1 HTTP 302
  • https://www.google.com/pagead/1p-user-list/4209956877/?guid=ON&random=1656509525378&fst=1656507600000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&tiba=Black+Basta+Ransomware+Victim%3A+New+Peoples+Bank+-+RedPacket+Security&u_tz=0&u_his=10&is_vtc=1&random=2190249940 HTTP 302
  • https://www.google.de/pagead/1p-user-list/4209956877/?guid=ON&random=1656509525378&fst=1656507600000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&tiba=Black+Basta+Ransomware+Victim%3A+New+Peoples+Bank+-+RedPacket+Security&u_tz=0&u_his=10&is_vtc=1&random=2190249940&ipr=y
Request Chain 146
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEJo_LOFA_6oW7ZGCUvk5lr0&google_cver=1&google_push=ARnp8GBP4NzpIufufHhR1ucO5YhjGxxhktXxyTO-jQpvvaVnZyeGUoNVHfoNDLOY0rEl2e8_hsZU30HRoe1x-OyMKgdzldxb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GBP4NzpIufufHhR1ucO5YhjGxxhktXxyTO-jQpvvaVnZyeGUoNVHfoNDLOY0rEl2e8_hsZU30HRoe1x-OyMKgdzldxb&google_hm=Q0FFU0VKb19MT0ZBXzZvVzdaR0NVdms1bHIw
Request Chain 147
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GCmDfg2STzNTPqbE7dCdu2arkxVhEjMhTphsQBHvuJva5TzarQYqzM7jrWZDz56ZZKiAQX0pj1xLGLI9cgqPPbVK2DJ3A&google_gid=CAESEOC7aVQYe_xW0QJcD8F2QJs&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GCmDfg2STzNTPqbE7dCdu2arkxVhEjMhTphsQBHvuJva5TzarQYqzM7jrWZDz56ZZKiAQX0pj1xLGLI9cgqPPbVK2DJ3A&google_gid=CAESEOC7aVQYe_xW0QJcD8F2QJs&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjkxMzI0MDEwMDA2OTQ2MjYzODE5Mg%3D%3D&google_push=ARnp8GCmDfg2STzNTPqbE7dCdu2arkxVhEjMhTphsQBHvuJva5TzarQYqzM7jrWZDz56ZZKiAQX0pj1xLGLI9cgqPPbVK2DJ3A
Request Chain 150
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMTrQVCe8oUW4Of8YryJf6E&google_cver=1&google_push=ARnp8GA_cvbV35btVhUHuXMcC9tAFsyFQmA8ccKrCWtnJLpx6ZrQvW4I10Jiz8akGmFEI5-rJhiPdd9WgZ7vfKo5Op6G4SF7CA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPNjUtMVQtS0pCUg==&google_push=ARnp8GA_cvbV35btVhUHuXMcC9tAFsyFQmA8ccKrCWtnJLpx6ZrQvW4I10Jiz8akGmFEI5-rJhiPdd9WgZ7vfKo5Op6G4SF7CA
Request Chain 151
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_cver=1&google_push=ARnp8GBYUPWF6RqF-hrsUZJD2lXSpoqjTwuNzAJKoX0mT_Bw7QynsJKvKSDO9nv8a4Q0aUWC5h-twnwboPu0GgFworLtVXl6FQ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_push=ARnp8GBYUPWF6RqF-hrsUZJD2lXSpoqjTwuNzAJKoX0mT_Bw7QynsJKvKSDO9nv8a4Q0aUWC5h-twnwboPu0GgFworLtVXl6FQ&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_hm=YrxScJlrvAQ-InTecn1jUwAABKAAAAAB&google_nid=index&google_push=ARnp8GBYUPWF6RqF-hrsUZJD2lXSpoqjTwuNzAJKoX0mT_Bw7QynsJKvKSDO9nv8a4Q0aUWC5h-twnwboPu0GgFworLtVXl6FQ
Request Chain 153
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 159
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GCBxF1LE9ShBPbtImLghDWNIrnOFUaJ5st29C9yeAWdreVVTihNuu0yTTZof7O1p69j4w21jcNG3jy3zTO_BuDzhqJll_Bm&google_gid=CAESEA2h4_qIYXqXlz5s4N9m-4k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJ4U2NBQUFCWUczaXpmWA&google_push=ARnp8GCBxF1LE9ShBPbtImLghDWNIrnOFUaJ5st29C9yeAWdreVVTihNuu0yTTZof7O1p69j4w21jcNG3jy3zTO_BuDzhqJll_Bm
Request Chain 163
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMTrQVCe8oUW4Of8YryJf6E&google_cver=1&google_push=ARnp8GBxGW8PZZqqgCjyrXOb02oSNUxZl3IxQkDVv10Ev1Figby1cavS8QzecgKocjC-8M9MoqQw1b9xkkJhbZyxUFmXyz5lgvY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPN0EtSC1HWFhH&google_push=ARnp8GBxGW8PZZqqgCjyrXOb02oSNUxZl3IxQkDVv10Ev1Figby1cavS8QzecgKocjC-8M9MoqQw1b9xkkJhbZyxUFmXyz5lgvY
Request Chain 164
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_cver=1&google_push=ARnp8GAb2A-WpGCW2P8yCxiZgdmCFnfDx_CzP95WHebrMfZJxIpkaxCb0WHhC6vmDmuHP-Rc4qDzRSENSg05LRNNLfKpWOmI6Fg HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_push=ARnp8GAb2A-WpGCW2P8yCxiZgdmCFnfDx_CzP95WHebrMfZJxIpkaxCb0WHhC6vmDmuHP-Rc4qDzRSENSg05LRNNLfKpWOmI6Fg&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_hm=YrxScJlrvAQ-InTecn1jUwAABKAAAAAB&google_nid=index&google_push=ARnp8GAb2A-WpGCW2P8yCxiZgdmCFnfDx_CzP95WHebrMfZJxIpkaxCb0WHhC6vmDmuHP-Rc4qDzRSENSg05LRNNLfKpWOmI6Fg
Request Chain 166
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 183
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJBdCjHWMPPJM6f4gBGC0Go&google_cver=1&google_push=ARnp8GBXE7u4SeChcjkuqj-fcwb7Vr0srqXfhptgwEgqq4yh7IEjXYisewSDNmosEUWSDk_9i713fdgK8LikziURe940d5kjmW8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBXE7u4SeChcjkuqj-fcwb7Vr0srqXfhptgwEgqq4yh7IEjXYisewSDNmosEUWSDk_9i713fdgK8LikziURe940d5kjmW8&google_hm=h4YN7soN0COg411ipe3mvQ
Request Chain 184
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GADZM7MzgBN6CWOTcoCcMOFLrZLHqX3CAILV2HQzDFQYolbTzqjmo6gmWqIr1VMe1TYvs97LCLSeFk-lSXMRoq1fcvz0lxQ&google_gid=CAESEA2h4_qIYXqXlz5s4N9m-4k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJ4U2NRQUFCRmJ3em1vSg&google_push=ARnp8GADZM7MzgBN6CWOTcoCcMOFLrZLHqX3CAILV2HQzDFQYolbTzqjmo6gmWqIr1VMe1TYvs97LCLSeFk-lSXMRoq1fcvz0lxQ
Request Chain 185
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GCtkzHedzMmocKr6RNPG9Lktrew_gBSJigYizaf_-x_elEvaXOiGFzdX1V11d4zkHbNRg-dhmM_UnLSLmyT0QyJu8YP8Ao&google_gid=CAESEOC7aVQYe_xW0QJcD8F2QJs&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GCtkzHedzMmocKr6RNPG9Lktrew_gBSJigYizaf_-x_elEvaXOiGFzdX1V11d4zkHbNRg-dhmM_UnLSLmyT0QyJu8YP8Ao&google_gid=CAESEOC7aVQYe_xW0QJcD8F2QJs&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjkxMzI0MDEwMDAxMjk2MzA3Njc1Mw%3D%3D&google_push=ARnp8GCtkzHedzMmocKr6RNPG9Lktrew_gBSJigYizaf_-x_elEvaXOiGFzdX1V11d4zkHbNRg-dhmM_UnLSLmyT0QyJu8YP8Ao
Request Chain 188
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMTrQVCe8oUW4Of8YryJf6E&google_cver=1&google_push=ARnp8GDMx0MTPySSx2a9AfBolsMHHFE0urEfSuORj56x5pJG09ZXWfVaKPnkJtOfyo6MObdW0-1KAeW2XXcehQVc4Co6tJ8wNjfs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPQzMtMVQtTEhYTA==&google_push=ARnp8GDMx0MTPySSx2a9AfBolsMHHFE0urEfSuORj56x5pJG09ZXWfVaKPnkJtOfyo6MObdW0-1KAeW2XXcehQVc4Co6tJ8wNjfs
Request Chain 191
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 208
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GBF3cEnCp5IzXMgC5KDe_DAce_c26-mj1EzvE8Pg11M5XlGc5rgW-Q0Vj8HbctcHGFRB82Zwb8cWq1ndJcbrUEUvHN5TIB3&google_gid=CAESEA2h4_qIYXqXlz5s4N9m-4k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJ4U2NRQUFCUkVtWTF0Rg&google_push=ARnp8GBF3cEnCp5IzXMgC5KDe_DAce_c26-mj1EzvE8Pg11M5XlGc5rgW-Q0Vj8HbctcHGFRB82Zwb8cWq1ndJcbrUEUvHN5TIB3
Request Chain 209
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAopUh-0oDaBJgdVO_8_BMh3kdRiaQRxM6k3iuOVZbOn9h9YVdxrUVL2MyfGkmGDhaSl6ICF8AVyolVKYyBDC7rRulNdwvg&google_gid=CAESEOC7aVQYe_xW0QJcD8F2QJs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjkxMzI0MDEwMDAxNjE0NDI1MTM5OQ%3D%3D&google_push=ARnp8GAopUh-0oDaBJgdVO_8_BMh3kdRiaQRxM6k3iuOVZbOn9h9YVdxrUVL2MyfGkmGDhaSl6ICF8AVyolVKYyBDC7rRulNdwvg
Request Chain 212
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMTrQVCe8oUW4Of8YryJf6E&google_cver=1&google_push=ARnp8GAqP2n4GY-Eey8zcCuKezjmF33ROxGU2A8iu4gEi3Y7f-DajQF1bY1aStMXDjOB_xGE59foxKd8ZPROezkH0kMNIV6znJyn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPSFQtUS00Vjc3&google_push=ARnp8GAqP2n4GY-Eey8zcCuKezjmF33ROxGU2A8iu4gEi3Y7f-DajQF1bY1aStMXDjOB_xGE59foxKd8ZPROezkH0kMNIV6znJyn
Request Chain 213
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_cver=1&google_push=ARnp8GBT1FFLz6BonakW8bCh4B6WgVs_ji5uDjJI0zpZtDsLDdhdDIMlDT3OICXRda4EfD9BGPJSQlYSXh3ClnN3ehPjweP4uIWB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_hm=YrxScJlrvAQ-InTecn1jUwAABKAAAAAB&google_nid=index&google_push=ARnp8GBT1FFLz6BonakW8bCh4B6WgVs_ji5uDjJI0zpZtDsLDdhdDIMlDT3OICXRda4EfD9BGPJSQlYSXh3ClnN3ehPjweP4uIWB
Request Chain 216
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 232
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJBdCjHWMPPJM6f4gBGC0Go&google_cver=1&google_push=ARnp8GBzK59kKV_KBSPWQ361LrT4usRcslaM-YugbZq2BVpzaSjd5M3dTfqhLTwSd87ivetCki1UZDtaamu0QltzoIrK7H4eN7p5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBzK59kKV_KBSPWQ361LrT4usRcslaM-YugbZq2BVpzaSjd5M3dTfqhLTwSd87ivetCki1UZDtaamu0QltzoIrK7H4eN7p5&google_hm=h4YN7soN0COg411ipe3mvQ
Request Chain 236
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMTrQVCe8oUW4Of8YryJf6E&google_cver=1&google_push=ARnp8GDUCC1J0aK-ptxXWiikQdpaI_iLywoHWqfEjArntKf8uYp0OABfJ8Czl6KsowNYwgYJZo7DZmR33LP-CQb6UmGpJizwzjhw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPT1ctTC03MUJV&google_push=ARnp8GDUCC1J0aK-ptxXWiikQdpaI_iLywoHWqfEjArntKf8uYp0OABfJ8Czl6KsowNYwgYJZo7DZmR33LP-CQb6UmGpJizwzjhw
Request Chain 237
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_cver=1&google_push=ARnp8GBmO5RBW3blc7HDvec-SxD18kSqA44GFpF_iOJ9gWWBrh2N-Dx9tWxIdA5DMaKk_GqxEZdbZv1PMwX_OdpwFmBCUljLBqL6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_hm=YrxScJlrvAQ-InTecn1jUwAABKAAAAAB&google_nid=index&google_push=ARnp8GBmO5RBW3blc7HDvec-SxD18kSqA44GFpF_iOJ9gWWBrh2N-Dx9tWxIdA5DMaKk_GqxEZdbZv1PMwX_OdpwFmBCUljLBqL6
Request Chain 240
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

237 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
147 KB
30 KB
Document
General
Full URL
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30 PleskLin
Resource Hash
4bac530874a51f6c07f2e956b8b534c5947e13f3f6e9a15c7684cc7352051c28
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=43200
cf-apo-via
origin,miss
cf-cache-status
MISS
cf-ray
722efaccda519107-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 13:23:58 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 29 Jun 2022 11:04:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6ddXXQMXEnxCD1SbxqsSf6i7onc4siMc0B0CkRs%2FvRbI%2BEE7bLTJ2%2BvdKvmPjOSOzgltxSPersL3Uv4G4x%2F8xwnHfmyINYXXU6UJKeQ3TytQ9QiI9CiW8cQgz4z9N3jFpml4qW%2BPGQUO9ruKC3f4gxHZwpqNGw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15768000; includeSubDomains
vary
Accept-Encoding, accept,amp-cache-transform
wpo-cache-status
cached
x-html-edge-cache-status
Bypass for Reload, Cached
x-powered-by
PHP/7.4.30 PleskLin
style.min.css
www.redpacketsecurity.com/wp-includes/css/dist/block-library/
87 KB
12 KB
Stylesheet
General
Full URL
https://www.redpacketsecurity.com/wp-includes/css/dist/block-library/style.min.css?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 28 May 2022 21:05:44 GMT
server
cloudflare
etag
W/"62928ea8-15b26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOjd%2FbmIlhBjRavfwXmeY80ass8teBiD%2BgjT897Ry3JmVrQQLGfzqWCSAJt3AqQmhZw7eoIJepKRIICQG94kNYjfb1mzItTDdAru6X4WRDrObapQIjLtVnFLNryca2O0yTPFu9ntdf3fSHab5%2FwY1iXFoef3idA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
722efad1585f9107-FRA
app.css
www.redpacketsecurity.com/wp-content/plugins/patreon-connect/assets/css/
2 KB
1015 B
Stylesheet
General
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/patreon-connect/assets/css/app.css?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
af12f7592b4d8f6b8483bd9bab081ecf35abe485d5315fb0ecf30559ac2bd9cd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 24 Mar 2022 09:03:28 GMT
server
cloudflare
etag
W/"623c33e0-bd4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMARhGRcTaEYMxRI45ijRrD8wcVs8V71Km9rxbUtbt6JJx1XK60liAhJIi25R0oxnq6r5NfAEkG9JU%2Fzf%2BdrmIa9FLl2teYCwctRRcNHGgP6xWBvpmAklXEMlSn5p0Bn7E7yqmixkzvUUUUVrw9C%2BmyZpgvSxP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-polished
origSize=3028
cf-ray
722efad158619107-FRA
cf-bgj
minify
style.min.css
www.redpacketsecurity.com/wp-content/plugins/amazon-auto-links/template/_common/
2 KB
903 B
Stylesheet
General
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/amazon-auto-links/template/_common/style.min.css?ver=5.2.9
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
578ece1ba13e8a1dd211785e2df101ac5f9d1f2e387f9c6557bf51637ad0b84b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Jun 2022 19:27:37 GMT
server
cloudflare
etag
W/"62a78fa9-6bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRpSjxCUtJU9NTLpToTFPgBd9wb4fQbbBQEeD5x5deA8yQhvMf8G%2FJ%2FERQ%2Fi52xj3BRUsNp64uGrWDlh5RuOjdTi1QYVyQBrDO4G30rKff180HU4ovohX24kboofI87DFb%2FaoUEYQ1POqkFlxfVzOJGTXRUEqig%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
722efad158639107-FRA
style.min.css
www.redpacketsecurity.com/wp-content/plugins/amazon-auto-links/template/list/
9 KB
2 KB
Stylesheet
General
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/amazon-auto-links/template/list/style.min.css?ver=1.2.9
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
13ea1503dc13c1d5259d6d10430aadc0fe269a78016fa6b7e0a41d653c6a7001
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Jun 2022 19:27:37 GMT
server
cloudflare
etag
W/"62a78fa9-233b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNo3f0QJEsbmptcdSWqtqmNksJG2IvvEsIohM4Y5hkfqtgRIiNZ7l9%2BTh5%2Bp8SpSJuoEp23%2FG79ZYrG7WIY3jX84HwhqXtDINdtFJ5JhddBmegRqcWhiXuCL3IISOxj%2FH9p4mr1O69mYDlL3JJWwET4vWgf%2B5ls%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
722efad158649107-FRA
style.min.css
www.redpacketsecurity.com/wp-content/plugins/amazon-auto-links/template/text/
16 B
353 B
Stylesheet
General
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/amazon-auto-links/template/text/style.min.css?ver=1.0.1
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9ddc0f6530a2a949a60ecc192689aba25551e0f9f6270b44803134b27708d883
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16
last-modified
Mon, 13 Jun 2022 19:27:37 GMT
server
cloudflare
etag
"10-5e15947dadc3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLe9QI8pNoc9VOL3xDsMLaDh9%2BFWH%2FeDrWkeQUrEI4wTdhjlI8fdw7mnYIQIyV6sHZl9VixDmNCi7h46cJy6ZTcCXz4RdeGmhCtHB%2BqzUgVqMuCCtmn4P46z0B8Sz8SnLBYzm8etXbaIFXXoLpDwiiYWFjrwPDU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-accel-version
0.01
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
722efad158679107-FRA
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700%2C800%7CWork%2BSans%3A300%2C400%2C500%2C600%2C700%2C800%2C900%26display%3Dswap&subset=latin%2Clatin-ext
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e030af5390ddec7d8ce24c6fc6c650cfbc92d38037d2ac11ad9591db251e65e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 12:54:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Jun 2022 13:23:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Jun 2022 13:23:58 GMT
css
fonts.googleapis.com/
592 KB
44 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=ABeeZee%7CAbel%7CAbril+Fatface%7CAclonica%7CAcme%7CActor%7CAdamina%7CAdvent+Pro%7CAguafina+Script%7CAkronim%7CAladin%7CAldrich%7CAlef%7CAlegreya%7CAlegreya+SC%7CAlegreya+Sans%7CAlegreya+Sans+SC%7CAlex+Brush%7CAlfa+Slab+One%7CAlice%7CAlike%7CAlike+Angular%7CAllan%7CAllerta%7CAllerta+Stencil%7CAllura%7CAlmendra%7CAlmendra+Display%7CAlmendra+SC%7CAmarante%7CAmaranth%7CAmatic+SC%7CAmatica+SC%7CAmethysta%7CAmiko%7CAmiri%7CAmita%7CAnaheim%7CAndada%7CAndika%7CAngkor%7CAnnie+Use+Your+Telescope%7CAnonymous+Pro%7CAntic%7CAntic+Didone%7CAntic+Slab%7CAnton%7CArapey%7CArbutus%7CArbutus+Slab%7CArchitects+Daughter%7CArchivo+Black%7CArchivo+Narrow%7CAref+Ruqaa%7CArima+Madurai%7CArimo%7CArizonia%7CArmata%7CArtifika%7CArvo%7CArya%7CAsap%7CAsar%7CAsset%7CAssistant%7CAstloch%7CAsul%7CAthiti%7CAtma%7CAtomic+Age%7CAubrey%7CAudiowide%7CAutour+One%7CAverage%7CAverage+Sans%7CAveria+Gruesa+Libre%7CAveria+Libre%7CAveria+Sans+Libre%7CAveria+Serif+Libre%7CBad+Script%7CBaloo%7CBaloo+Bhai%7CBaloo+Da%7CBaloo+Thambi%7CBalthazar%7CBangers%7CBasic%7CBattambang%7CBaumans%7CBayon%7CBelgrano%7CBelleza%7CBenchNine%7CBentham%7CBerkshire+Swash%7CBevan%7CBigelow+Rules%7CBigshot+One%7CBilbo%7CBilbo+Swash+Caps%7CBioRhyme%7CBioRhyme+Expanded%7CBiryani%7CBitter%7CBlack+Ops+One%7CBokor%7CBonbon%7CBoogaloo%7CBowlby+One%7CBowlby+One+SC%7CBrawler%7CBree+Serif%7CBubblegum+Sans%7CBubbler+One%7CBuda%7CBuenard%7CBungee%7CBungee+Hairline%7CBungee+Inline%7CBungee+Outline%7CBungee+Shade%7CButcherman%7CButterfly+Kids%7CCabin%7CCabin+Condensed%7CCabin+Sketch%7CCaesar+Dressing%7CCagliostro%7CCairo%7CCalligraffitti%7CCambay%7CCambo%7CCandal%7CCantarell%7CCantata+One%7CCantora+One%7CCapriola%7CCardo%7CCarme%7CCarrois+Gothic%7CCarrois+Gothic+SC%7CCarter+One%7CCatamaran%7CCaudex%7CCaveat%7CCaveat+Brush%7CCedarville+Cursive%7CCeviche+One%7CChanga%7CChanga+One%7CChango%7CChathura%7CChau+Philomene+One%7CChela+One%7CChelsea+Market%7CChenla%7CCherry+Cream+Soda%7CCherry+Swash%7CChewy%7CChicle%7CChivo%7CChonburi%7CCinzel%7CCinzel+Decorative%7CClicker+Script%7CCoda%7CCoda+Caption%7CCodystar%7CCoiny%7CCombo%7CComfortaa%7CComing+Soon%7CConcert+One%7CCondiment%7CContent%7CContrail+One%7CConvergence%7CCookie%7CCopse%7CCorben%7CCormorant%7CCormorant+Garamond%7CCormorant+Infant%7CCormorant+SC%7CCormorant+Unicase%7CCormorant+Upright%7CCourgette%7CCousine%7CCoustard%7CCovered+By+Your+Grace%7CCrafty+Girls%7CCreepster%7CCrete+Round%7CCrimson+Text%7CCroissant+One%7CCrushed%7CCuprum%7CCutive%7CCutive+Mono%7CDamion%7CDancing+Script%7CDangrek%7CDavid+Libre%7CDawning+of+a+New+Day%7CDays+One%7CDekko%7CDelius%7CDelius+Swash+Caps%7CDelius+Unicase%7CDella+Respira%7CDenk+One%7CDevonshire%7CDhurjati%7CDidact+Gothic%7CDiplomata%7CDiplomata+SC%7CDomine%7CDonegal+One%7CDoppio+One%7CDorsa%7CDosis%7CDr+Sugiyama%7CDroid+Sans%7CDroid+Sans+Mono%7CDroid+Serif%7CDuru+Sans%7CDynalight%7CEB+Garamond%7CEagle+Lake%7CEater%7CEconomica%7CEczar%7CEk+Mukta%7CEl+Messiri%7CElectrolize%7CElsie%7CElsie+Swash+Caps%7CEmblema+One%7CEmilys+Candy%7CEngagement%7CEnglebert%7CEnriqueta%7CErica+One%7CEsteban%7CEuphoria+Script%7CEwert%7CExo%7CExo+2%7CExpletus+Sans%7CFanwood+Text%7CFarsan%7CFascinate%7CFascinate+Inline%7CFaster+One%7CFasthand%7CFauna+One%7CFederant%7CFedero%7CFelipa%7CFenix%7CFinger+Paint%7CFira+Mono%7CFira+Sans%7CFjalla+One%7CFjord+One%7CFlamenco%7CFlavors%7CFondamento%7CFontdiner+Swanky%7CForum%7CFrancois+One%7CFrank+Ruhl+Libre%7CFreckle+Face%7CFredericka+the+Great%7CFredoka+One%7CFreehand%7CFresca%7CFrijole%7CFruktur%7CFugaz+One%7CGFS+Didot%7CGFS+Neohellenic%7CGabriela%7CGafata%7CGalada%7CGaldeano%7CGalindo%7CGentium+Basic%7CGentium+Book+Basic%7CGeo%7CGeostar%7CGeostar+Fill%7CGermania+One%7CGidugu%7CGilda+Display%7CGive+You+Glory%7CGlass+Antiqua%7CGlegoo%7CGloria+Hallelujah%7CGoblin+One%7CGochi+Hand%7CGorditas%7CGoudy+Bookletter+1911%7CGraduate%7CGrand+Hotel%7CGravitas+One%7CGreat+Vibes%7CGriffy%7CGruppo%7CGudea%7CGurajada%7CHabibi%7CHalant%7CHammersmith+One%7CHanalei%7CHanalei+Fill%7CHandlee%7CHanuman%7CHappy+Monkey%7CHarmattan%7CHeadland+One%7CHeebo%7CHenny+Penny%7CHerr+Von+Muellerhoff%7CHind%7CHind+Guntur%7CHind+Madurai%7CHind+Siliguri%7CHind+Vadodara%7CHoltwood+One+SC%7CHomemade+Apple%7CHomenaje%7CIM+Fell+DW+Pica%7CIM+Fell+DW+Pica+SC%7CIM+Fell+Double+Pica%7CIM+Fell+Double+Pica+SC%7CIM+Fell+English%7CIM+Fell+English+SC%7CIM+Fell+French+Canon%7CIM+Fell+French+Canon+SC%7CIM+Fell+Great+Primer%7CIM+Fell+Great+Primer+SC%7CIceberg%7CIceland%7CImprima%7CInconsolata%7CInder%7CIndie+Flower%7CInika%7CInknut+Antiqua%7CIrish+Grover%7CIstok+Web%7CItaliana%7CItalianno%7CItim%7CJacques+Francois%7CJacques+Francois+Shadow%7CJaldi%7CJim+Nightshade%7CJockey+One%7CJolly+Lodger%7CJomhuria%7CJosefin+Sans%7CJosefin+Slab%7CJoti+One%7CJudson%7CJulee%7CJulius+Sans+One%7CJunge%7CJura%7CJust+Another+Hand%7CJust+Me+Again+Down+Here%7CKadwa%7CKalam%7CKameron%7CKanit%7CKantumruy%7CKarla%7CKarma%7CKatibeh%7CKaushan+Script%7CKavivanar%7CKavoon%7CKdam+Thmor%7CKeania+One%7CKelly+Slab%7CKenia%7CKhand%7CKhmer%7CKhula%7CKite+One%7CKnewave%7CKotta+One%7CKoulen%7CKranky%7CKreon%7CKristi%7CKrona+One%7CKumar+One%7CKumar+One+Outline%7CKurale%7CLa+Belle+Aurore%7CLaila%7CLakki+Reddy%7CLalezar%7CLancelot%7CLateef%7CLato%7CLeague+Script%7CLeckerli+One%7CLedger%7CLekton%7CLemon%7CLemonada%7CLibre+Baskerville%7CLibre+Franklin%7CLife+Savers%7CLilita+One%7CLily+Script+One%7CLimelight%7CLinden+Hill%7CLobster%7CLobster+Two%7CLondrina+Outline%7CLondrina+Shadow%7CLondrina+Sketch%7CLondrina+Solid%7CLora%7CLove+Ya+Like+A+Sister%7CLoved+by+the+King%7CLovers+Quarrel%7CLuckiest+Guy%7CLusitana%7CLustria%7CMacondo%7CMacondo+Swash+Caps%7CMada%7CMagra%7CMaiden+Orange%7CMaitree%7CMako%7CMallanna%7CMandali%7CMarcellus%7CMarcellus+SC%7CMarck+Script%7CMargarine%7CMarko+One%7CMarmelad%7CMartel%7CMartel+Sans%7CMarvel%7CMate%7CMate+SC%7CMaven+Pro%7CMcLaren%7CMeddon%7CMedievalSharp%7CMedula+One%7CMeera+Inimai%7CMegrim%7CMeie+Script%7CMerienda%7CMerienda+One%7CMerriweather%7CMerriweather+Sans%7CMetal%7CMetal+Mania%7CMetamorphous%7CMetrophobic%7CMichroma%7CMilonga%7CMiltonian%7CMiltonian+Tattoo%7CMiniver%7CMiriam+Libre%7CMirza%7CMiss+Fajardose%7CMitr%7CModak%7CModern+Antiqua%7CMogra%7CMolengo%7CMolle%7CMonda%7CMonofett%7CMonoton%7CMonsieur+La+Doulaise%7CMontaga%7CMontez%7CMontserrat%7CMontserrat+Alternates%7CMontserrat+Subrayada%7CMoul%7CMoulpali%7CMountains+of+Christmas%7CMouse+Memoirs%7CMr+Bedfort%7CMr+Dafoe%7CMr+De+Haviland%7CMrs+Saint+Delafield%7CMrs+Sheppards%7CMukta+Vaani%7CMuli%7CMystery+Quest%7CNTR%7CNeucha%7CNeuton%7CNew+Rocker%7CNews+Cycle%7CNiconne%7CNixie+One%7CNobile%7CNokora%7CNorican%7CNosifer%7CNothing+You+Could+Do%7CNoticia+Text%7CNoto+Sans%7CNoto+Serif%7CNova+Cut%7CNova+Flat%7CNova+Mono%7CNova+Oval%7CNova+Round%7CNova+Script%7CNova+Slim%7CNova+Square%7CNumans%7CNunito%7COdor+Mean+Chey%7COffside%7COld+Standard+TT%7COldenburg%7COleo+Script%7COleo+Script+Swash+Caps%7COpen+Sans%7COpen+Sans+Condensed%7COranienbaum%7COrbitron%7COregano%7COrienta%7COriginal+Surfer%7COswald%7COver+the+Rainbow%7COverlock%7COverlock+SC%7COvo%7COxygen%7COxygen+Mono%7CPT+Mono%7CPT+Sans%7CPT+Sans+Caption%7CPT+Sans+Narrow%7CPT+Serif%7CPT+Serif+Caption%7CPacifico%7CPalanquin%7CPalanquin+Dark%7CPaprika%7CParisienne%7CPassero+One%7CPassion+One%7CPathway+Gothic+One%7CPatrick+Hand%7CPatrick+Hand+SC%7CPattaya%7CPatua+One%7CPavanam%7CPaytone+One%7CPeddana%7CPeralta%7CPermanent+Marker%7CPetit+Formal+Script%7CPetrona%7CPhilosopher%7CPiedra%7CPinyon+Script%7CPirata+One%7CPlaster%7CPlay%7CPlayball%7CPlayfair+Display%7CPlayfair+Display+SC%7CPodkova%7CPoiret+One%7CPoller+One%7CPoly%7CPompiere%7CPontano+Sans%7CPoppins%7CPort+Lligat+Sans%7CPort+Lligat+Slab%7CPragati+Narrow%7CPrata%7CPreahvihear%7CPress+Start+2P%7CPridi%7CPrincess+Sofia%7CProciono%7CPrompt%7CProsto+One%7CProza+Libre%7CPuritan%7CPurple+Purse%7CQuando%7CQuantico%7CQuattrocento%7CQuattrocento+Sans%7CQuestrial%7CQuicksand%7CQuintessential%7CQwigley%7CRacing+Sans+One%7CRadley%7CRajdhani%7CRakkas%7CRaleway%7CRaleway+Dots%7CRamabhadra%7CRamaraja%7CRambla%7CRammetto+One%7CRanchers%7CRancho%7CRanga%7CRasa%7CRationale%7CRavi+Prakash%7CRedressed%7CReem+Kufi%7CReenie+Beanie%7CRevalia%7CRhodium+Libre%7CRibeye%7CRibeye+Marrow%7CRighteous%7CRisque%7CRoboto%7CRoboto+Condensed%7CRoboto+Mono%7CRoboto+Slab%7CRochester%7CRock+Salt%7CRokkitt%7CRomanesco%7CRopa+Sans%7CRosario%7CRosarivo%7CRouge+Script%7CRozha+One%7CRubik%7CRubik+Mono+One%7CRubik+One%7CRuda%7CRufina%7CRuge+Boogie%7CRuluko%7CRum+Raisin%7CRuslan+Display%7CRusso+One%7CRuthie%7CRye%7CSacramento%7CSahitya%7CSail%7CSalsa%7CSanchez%7CSancreek%7CSansita+One%7CSarala%7CSarina%7CSarpanch%7CSatisfy%7CScada%7CScheherazade%7CSchoolbell%7CScope+One%7CSeaweed+Script%7CSecular+One%7CSevillana%7CSeymour+One%7CShadows+Into+Light%7CShadows+Into+Light+Two%7CShanti%7CShare%7CShare+Tech%7CShare+Tech+Mono%7CShojumaru%7CShort+Stack%7CShrikhand%7CSiemreap%7CSigmar+One%7CSignika%7CSignika+Negative%7CSimonetta%7CSintony%7CSirin+Stencil%7CSix+Caps%7CSkranji%7CSlabo+13px%7CSlabo+27px%7CSlackey%7CSmokum%7CSmythe%7CSniglet%7CSnippet%7CSnowburst+One%7CSofadi+One%7CSofia%7CSonsie+One%7CSorts+Mill+Goudy%7CSource+Code+Pro%7CSource+Sans+Pro%7CSource+Serif+Pro%7CSpace+Mono%7CSpecial+Elite%7CSpicy+Rice%7CSpinnaker%7CSpirax%7CSquada+One%7CSree+Krushnadevaraya%7CSriracha%7CStalemate%7CStalinist+One%7CStardos+Stencil%7CStint+Ultra+Condensed%7CStint+Ultra+Expanded%7CStoke%7CStrait%7CSue+Ellen+Francisco%7CSuez+One%7CSumana%7CSunshiney%7CSupermercado+One%7CSura%7CSuranna%7CSuravaram%7CSuwannaphum%7CSwanky+and+Moo+Moo%7CSyncopate%7CTangerine%7CTaprom%7CTauri%7CTaviraj%7CTeko%7CTelex%7CTenali+Ramakrishna%7CTenor+Sans%7CText+Me+One%7CThe+Girl+Next+Door%7CTienne%7CTillana%7CTimmana%7CTinos%7CTitan+One%7CTitillium+Web%7CTrade+Winds%7CTrirong%7CTrocchi%7CTrochut%7CTrykker%7CTulpen+One%7CUbuntu%7CUbuntu+Condensed%7CUbuntu+Mono%7CUltra%7CUncial+Antiqua%7CUnderdog%7CUnica+One%7CUnifrakturCook%7CUnifrakturMaguntia%7CUnkempt%7CUnlock%7CUnna%7CVT323%7CVampiro+One%7CVarela%7CVarela+Round%7CVast+Shadow%7CVesper+Libre%7CVibur%7CVidaloka%7CViga%7CVoces%7CVolkhov%7CVollkorn%7CVoltaire%7CWaiting+for+the+Sunrise%7CWallpoet%7CWalter+Turncoat%7CWarnes%7CWellfleet%7CWendy+One%7CWire+One%7CWork+Sans%7CYanone+Kaffeesatz%7CYantramanav%7CYatra+One%7CYellowtail%7CYeseva+One%7CYesteryear%7CYrsa%7CZeyada&subset=latin%2Clatin-ext
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
717fbacbf26a1f7ee86c28a9dabf6abc285b324b24a11f0d3762903d8934565a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 13:13:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Jun 2022 13:23:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Jun 2022 13:23:58 GMT
bootstrap.css
www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/
156 KB
26 KB
Stylesheet
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/bootstrap.css?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e9d9a4ac74e536c050e8c6c9a95941e5009411ae61e9c2bcd8371f638b2ec661
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
W/"62a9cb44-329f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvNdceesY%2B4czbN5UOv9%2FtPuTtgg6PtH4eaGz1zq%2BSqHi50TX1YxdEo%2FyTR2vO6J49xpy42YMJ9s5NiUl8d3B8BNQsZVNk66LoAuQlw1XQjsG%2FIGAjieFQ4rTU%2F8WYV%2FlZQLpH%2FNlYeewiNFBL8y7B9g7CxXxLs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-polished
origSize=207350
cf-ray
722efad1c9d39034-FRA
cf-bgj
minify
style.css
www.redpacketsecurity.com/wp-content/themes/newsup-pro/
62 KB
13 KB
Stylesheet
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/style.css?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f84781d3e65130fbcee9c8813916246764b2e335a6a4827009f817c3ca74c3f0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
W/"62a9cb44-152e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Y25OTmS401ZVzbO0jcyt5EJ%2B%2BVOQ%2FVjwIFwnDvk7xZtomDhBfcr1VASYn6US%2FgVCnJv225H%2FMFGN8%2FkfewOls0HPF4SEv1aMFSV7wH3u1J1C5oIzihgkdcxFl2nSCsusu91mjhzTz6WvhAx%2B4s1JXX3ldP36HY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-polished
origSize=86759
cf-ray
722efad1c9db9034-FRA
cf-bgj
minify
light.css
www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/colors/
92 B
734 B
Stylesheet
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/colors/light.css?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
af468a53ff8b21e58d333969b462d31f6d23e94d0f255e58b8c9242057d29c34
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
W/"81-5e17b59d731a3-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyohQLhaplltNSi%2BTzPP6jcm0tlpwdIyF%2Bv00XeDRYr5iIb2a74nR%2FVM0g%2FKiaQnvmm7eDH%2BdbDWm0WNS2DJqCGQKbg85vm8LdunwNZaSowfxjIwo0Y0TgTDzkWPMz1P8fbY%2F%2FevqTAEDJ5qYA%2BELzd1eOYCLnc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-accel-version
0.01
cache-control
max-age=43200
cf-polished
origSize=129
cf-ray
722efad1c9dd9034-FRA
cf-bgj
minify
all.min.css
www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/css/
55 KB
13 KB
Stylesheet
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/css/all.min.css?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
04aec4107954c62d888f138cac63e9fd4508ca8bfcdaf9a9e3ade5eed2333b79
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
W/"62a9cb44-dcc9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzWE32K9wVpG3m92Wqcq7IGtv49E2nFgnGFm7%2FIj7GiNAfHzkHvyP3bh2xiNm27rLxTTSqgTGeSHVd5Zw96Gw%2Fvqq9sKgtEb9huWuJtxzcMetT5JrlKzl%2BwHMCLu2ekXZ9rbAN20XuBA6fKzOJp2P%2FyVCtg4rCI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
722efad1c9ec9034-FRA
v4-shims.min.css
www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/css/
26 KB
5 KB
Stylesheet
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/css/v4-shims.min.css?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
b2be9c7c3f5b1cfa7055b5f64d499416c9b680b0b6030677c323164358f49a99
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
W/"62a9cb44-6806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAYOntJuioszHnSv0PzG%2FyRziONC3TUTr5EqjfXoT5q86RZCDXMQGu8pzT1P7jAuM9D76cDwdb9wg1vCMafubijBAXlqm7FmWkqyIqgMvMY2pvxC62ufQpZ8lyNMeEixzod2wNLMkRdoeOYqpbI7S7vl%2FRcdgCU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
722efad1c9ed9034-FRA
owl.carousel.css
www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/
1 KB
1013 B
Stylesheet
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/owl.carousel.css?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
eee2832920de823a77ade71ddf71f135ef58d3d7aa14c2e48036e1faec3c2762
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
W/"62a9cb44-60b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSsSwdo5la0N7jwQ%2BuH2ABO3rE7Xbzjt0BrqywiSfwlOL23XGV63oM%2Bb6EHoYtuYhqQuBTCU78k0tiorAtooitgrNsKFfAkZqx%2B4cYO6aABKyuVbDnPBm4ZaS54qk%2BaPb9H%2BW40Ic4%2FGVXopfyxVmFjeCi2ZqyM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-polished
origSize=1547
cf-ray
722efad1c9ee9034-FRA
cf-bgj
minify
jquery.smartmenus.bootstrap.css
www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/jquery.smartmenus.bootstrap.css?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9b67a14d3266023e71ecdf6bbb6376034a486e07e1da880f536af90fb1c07711
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
W/"62a9cb44-fdb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUfp2hL3sDEx9l77Awt25%2B0rI9ihClv2y%2BvhRr1Erfqg%2FhOXcDboiS9h5CvVzqxyRVXzxcXBxItC6Tel3rr7AQEhFhYzgYKkL1ui6BTqp4YFqvAj642xVWAdp%2BjqETaIsTnTc2CcHLRPXOPJexiAKQt7NjqR6OM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-polished
origSize=4059
cf-ray
722efad1c9f09034-FRA
cf-bgj
minify
front.min.css
www.redpacketsecurity.com/wp-content/plugins/cookie-notice/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
d2c30641eed11d27cc45ab60849aaef8d0cef92b8c75b09648ffb764bd6017c0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 06:42:50 GMT
server
cloudflare
etag
W/"629ef36a-14ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAolPQtOma6y%2BLM8YCJYfEeZoFIa4Zi6jTJGWjXLTuKOxfJMHfxmqojhJs6VAH9jjqrn5jPx%2FAgPifNxBzQCFweUWvZiWFkSm%2F31zu7JF2bwog14Yk5vaV2Lcpc8QqiUFqSHTCrtv010ZKzosVdqqo8jTkK%2BCAU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
722efad1c9f19034-FRA
dashicons.min.css
www.redpacketsecurity.com/wp-includes/css/
58 KB
35 KB
Stylesheet
General
Full URL
https://www.redpacketsecurity.com/wp-includes/css/dashicons.min.css?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Apr 2021 03:42:13 GMT
server
cloudflare
etag
W/"6077b615-e688"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5f9B3jxk7Kbuj4PaEPkX3oXwzImQ2bUoWAQmGMx2hSAfJtX2mrnu7Pp8uvIMqIFMqHTe9mzcjcJO8cdEFIwEBmLyCVlBC0bOZpHgtAFAuSAlVM5WqGM%2BNXViWXUAlwpWXCEOSJJgtYmijl5W7vrvxXV%2FBab1jY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
722efad1c9f29034-FRA
wp-pointer.min.css
www.redpacketsecurity.com/wp-includes/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.redpacketsecurity.com/wp-includes/css/wp-pointer.min.css?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ace0366eab1ff253f3ccc456913f0cd991bd1ead16846297ba62c40e2f0dcd5b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Jan 2022 21:10:27 GMT
server
cloudflare
etag
W/"61f06743-ca6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZ20Hf0tNDAfVlFZMuiUdVHgkkZL00dFwv0KzX9wrswlY1Yqr5FifF2WzlVnVTnIWBIzYeKbudiInssQ9%2BzgxFeDpBTVZYLCdA75P3%2BvR%2BiCw8OkObkRV4poFjyba8gvy9iWDbpxKqjFO%2FojgQPjSHCJxDdzZdo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
722efad1c9f49034-FRA
invisible.js
www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/
43 KB
16 KB
Script
General
Full URL
https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1656504000
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07d8e06258039e45a3d2e1da8b1001e0c301135b485e85726abc4b306d473abb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYNBaHxdjUDHknhhniflIYNceymXnUE6ntCFpNF0kO%2F5%2Fd36KRYNp9cyian4hb1DjN90zg3mwVu1JC6olH4p9gsiheSByCt8zVUKQCN6onBNxVidwBIG9AlwRsqPyBPPEoTjgN0Quh%2FU7hEeZyg4ylq5oJ5CC4g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
722efad2fbb89034-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
email-decode.min.js
www.redpacketsecurity.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://www.redpacketsecurity.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 14 Jun 2022 16:43:30 GMT
server
cloudflare
etag
W/"62a8bab2-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yp0ZTO1iz0JGjnP7ScEFfFPqd5ll%2FT3aMQN4%2FUJXuyxcllD8HW7WWDsmOnuchNITT1IRK8jBNIJ2GTfprEBFeo1w7dUnZtNhOe5O2w%2FFDxf2XL0OZg1EaYWYNFykKIUOL%2BbDIiOiN9Eag2lC8G2OWZKNXHILPAg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
722efad1c9f59034-FRA
vary
Accept-Encoding
expires
Fri, 01 Jul 2022 13:23:58 GMT
jquery.modal.min.css
www.redpacketsecurity.com/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/
3 KB
2 KB
Stylesheet
General
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/jquery.modal.min.css?ver=4.3.26
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 29 Jun 2022 07:27:03 GMT
server
cloudflare
etag
W/"62bbfec7-c81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eX9qEwUvedko7t%2BosHc0nJALmg21mf401Ia0L9c7mEcsrhe38sr7N6S%2BzJrkQgcFMG4ZzrQoUsbHl%2FxpLJDH%2FdqJHrW0JlOci3yhlKutAawMu4GUzpIuDnVVuOcREVOX%2FppUPx7bYoQVEVTLFy2jiSWQb5lv9kw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
722efad1c9f79034-FRA
rocket-loader.min.js
www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 14 Jun 2022 16:43:30 GMT
server
cloudflare
etag
W/"62a8bab2-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzspVMEA9ZY2sE%2FAFrYHzs2GdyvLR74nPuZ%2B4hwvxAFM%2BZ1rlXrVnHQBc9TuGsc9fE8AiqCjnDTJvMZBfqJGjzBZ1fd1%2BlM6J%2BQFP%2F63Wbn58yMLuXJLmV1gwRtCoePh6jMC%2BMxPgQVTeTSj6x3a6TlREF2lBjo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
722efad2fbb99034-FRA
vary
Accept-Encoding
expires
Fri, 01 Jul 2022 13:23:58 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.redpacketsecurity.com/
Origin
https://www.redpacketsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
722efad3880d9bee-FRA
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/gif
head-back.jpg
www.redpacketsecurity.com/wp-content/themes/newsup-pro/images/
214 KB
215 KB
Image
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/images/head-back.jpg
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c304be164d697444f4c480c7052ca7a25708686194dec476c55fbd500599f29c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
219152
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
"62a9cb44-35818"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BTvwa58NHzsIhgFi5HwqpaM6T7kwUWmBubK3eoWzX2V%2FS09e6zFCYfkLiniQSIBh2lnHz6hfhEPZcCk1Qh5gy8BSVRKu20pPgtHH6h4Cjb6ZgWJR4pp3gWAUDFK82lUlwW9qOs9gpJMO%2FH4bm8OnONxb7J0xps%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=43200
cf-polished
origSize=219160, status=webp_bigger
accept-ranges
bytes
cf-ray
722efad4ce179034-FRA
cf-bgj
imgq:100,h2pri
QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
fonts.gstatic.com/s/worksans/v17/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v17/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=ABeeZee%7CAbel%7CAbril+Fatface%7CAclonica%7CAcme%7CActor%7CAdamina%7CAdvent+Pro%7CAguafina+Script%7CAkronim%7CAladin%7CAldrich%7CAlef%7CAlegreya%7CAlegreya+SC%7CAlegreya+Sans%7CAlegreya+Sans+SC%7CAlex+Brush%7CAlfa+Slab+One%7CAlice%7CAlike%7CAlike+Angular%7CAllan%7CAllerta%7CAllerta+Stencil%7CAllura%7CAlmendra%7CAlmendra+Display%7CAlmendra+SC%7CAmarante%7CAmaranth%7CAmatic+SC%7CAmatica+SC%7CAmethysta%7CAmiko%7CAmiri%7CAmita%7CAnaheim%7CAndada%7CAndika%7CAngkor%7CAnnie+Use+Your+Telescope%7CAnonymous+Pro%7CAntic%7CAntic+Didone%7CAntic+Slab%7CAnton%7CArapey%7CArbutus%7CArbutus+Slab%7CArchitects+Daughter%7CArchivo+Black%7CArchivo+Narrow%7CAref+Ruqaa%7CArima+Madurai%7CArimo%7CArizonia%7CArmata%7CArtifika%7CArvo%7CArya%7CAsap%7CAsar%7CAsset%7CAssistant%7CAstloch%7CAsul%7CAthiti%7CAtma%7CAtomic+Age%7CAubrey%7CAudiowide%7CAutour+One%7CAverage%7CAverage+Sans%7CAveria+Gruesa+Libre%7CAveria+Libre%7CAveria+Sans+Libre%7CAveria+Serif+Libre%7CBad+Script%7CBaloo%7CBaloo+Bhai%7CBaloo+Da%7CBaloo+Thambi%7CBalthazar%7CBangers%7CBasic%7CBattambang%7CBaumans%7CBayon%7CBelgrano%7CBelleza%7CBenchNine%7CBentham%7CBerkshire+Swash%7CBevan%7CBigelow+Rules%7CBigshot+One%7CBilbo%7CBilbo+Swash+Caps%7CBioRhyme%7CBioRhyme+Expanded%7CBiryani%7CBitter%7CBlack+Ops+One%7CBokor%7CBonbon%7CBoogaloo%7CBowlby+One%7CBowlby+One+SC%7CBrawler%7CBree+Serif%7CBubblegum+Sans%7CBubbler+One%7CBuda%7CBuenard%7CBungee%7CBungee+Hairline%7CBungee+Inline%7CBungee+Outline%7CBungee+Shade%7CButcherman%7CButterfly+Kids%7CCabin%7CCabin+Condensed%7CCabin+Sketch%7CCaesar+Dressing%7CCagliostro%7CCairo%7CCalligraffitti%7CCambay%7CCambo%7CCandal%7CCantarell%7CCantata+One%7CCantora+One%7CCapriola%7CCardo%7CCarme%7CCarrois+Gothic%7CCarrois+Gothic+SC%7CCarter+One%7CCatamaran%7CCaudex%7CCaveat%7CCaveat+Brush%7CCedarville+Cursive%7CCeviche+One%7CChanga%7CChanga+One%7CChango%7CChathura%7CChau+Philomene+One%7CChela+One%7CChelsea+Market%7CChenla%7CCherry+Cream+Soda%7CCherry+Swash%7CChewy%7CChicle%7CChivo%7CChonburi%7CCinzel%7CCinzel+Decorative%7CClicker+Script%7CCoda%7CCoda+Caption%7CCodystar%7CCoiny%7CCombo%7CComfortaa%7CComing+Soon%7CConcert+One%7CCondiment%7CContent%7CContrail+One%7CConvergence%7CCookie%7CCopse%7CCorben%7CCormorant%7CCormorant+Garamond%7CCormorant+Infant%7CCormorant+SC%7CCormorant+Unicase%7CCormorant+Upright%7CCourgette%7CCousine%7CCoustard%7CCovered+By+Your+Grace%7CCrafty+Girls%7CCreepster%7CCrete+Round%7CCrimson+Text%7CCroissant+One%7CCrushed%7CCuprum%7CCutive%7CCutive+Mono%7CDamion%7CDancing+Script%7CDangrek%7CDavid+Libre%7CDawning+of+a+New+Day%7CDays+One%7CDekko%7CDelius%7CDelius+Swash+Caps%7CDelius+Unicase%7CDella+Respira%7CDenk+One%7CDevonshire%7CDhurjati%7CDidact+Gothic%7CDiplomata%7CDiplomata+SC%7CDomine%7CDonegal+One%7CDoppio+One%7CDorsa%7CDosis%7CDr+Sugiyama%7CDroid+Sans%7CDroid+Sans+Mono%7CDroid+Serif%7CDuru+Sans%7CDynalight%7CEB+Garamond%7CEagle+Lake%7CEater%7CEconomica%7CEczar%7CEk+Mukta%7CEl+Messiri%7CElectrolize%7CElsie%7CElsie+Swash+Caps%7CEmblema+One%7CEmilys+Candy%7CEngagement%7CEnglebert%7CEnriqueta%7CErica+One%7CEsteban%7CEuphoria+Script%7CEwert%7CExo%7CExo+2%7CExpletus+Sans%7CFanwood+Text%7CFarsan%7CFascinate%7CFascinate+Inline%7CFaster+One%7CFasthand%7CFauna+One%7CFederant%7CFedero%7CFelipa%7CFenix%7CFinger+Paint%7CFira+Mono%7CFira+Sans%7CFjalla+One%7CFjord+One%7CFlamenco%7CFlavors%7CFondamento%7CFontdiner+Swanky%7CForum%7CFrancois+One%7CFrank+Ruhl+Libre%7CFreckle+Face%7CFredericka+the+Great%7CFredoka+One%7CFreehand%7CFresca%7CFrijole%7CFruktur%7CFugaz+One%7CGFS+Didot%7CGFS+Neohellenic%7CGabriela%7CGafata%7CGalada%7CGaldeano%7CGalindo%7CGentium+Basic%7CGentium+Book+Basic%7CGeo%7CGeostar%7CGeostar+Fill%7CGermania+One%7CGidugu%7CGilda+Display%7CGive+You+Glory%7CGlass+Antiqua%7CGlegoo%7CGloria+Hallelujah%7CGoblin+One%7CGochi+Hand%7CGorditas%7CGoudy+Bookletter+1911%7CGraduate%7CGrand+Hotel%7CGravitas+One%7CGreat+Vibes%7CGriffy%7CGruppo%7CGudea%7CGurajada%7CHabibi%7CHalant%7CHammersmith+One%7CHanalei%7CHanalei+Fill%7CHandlee%7CHanuman%7CHappy+Monkey%7CHarmattan%7CHeadland+One%7CHeebo%7CHenny+Penny%7CHerr+Von+Muellerhoff%7CHind%7CHind+Guntur%7CHind+Madurai%7CHind+Siliguri%7CHind+Vadodara%7CHoltwood+One+SC%7CHomemade+Apple%7CHomenaje%7CIM+Fell+DW+Pica%7CIM+Fell+DW+Pica+SC%7CIM+Fell+Double+Pica%7CIM+Fell+Double+Pica+SC%7CIM+Fell+English%7CIM+Fell+English+SC%7CIM+Fell+French+Canon%7CIM+Fell+French+Canon+SC%7CIM+Fell+Great+Primer%7CIM+Fell+Great+Primer+SC%7CIceberg%7CIceland%7CImprima%7CInconsolata%7CInder%7CIndie+Flower%7CInika%7CInknut+Antiqua%7CIrish+Grover%7CIstok+Web%7CItaliana%7CItalianno%7CItim%7CJacques+Francois%7CJacques+Francois+Shadow%7CJaldi%7CJim+Nightshade%7CJockey+One%7CJolly+Lodger%7CJomhuria%7CJosefin+Sans%7CJosefin+Slab%7CJoti+One%7CJudson%7CJulee%7CJulius+Sans+One%7CJunge%7CJura%7CJust+Another+Hand%7CJust+Me+Again+Down+Here%7CKadwa%7CKalam%7CKameron%7CKanit%7CKantumruy%7CKarla%7CKarma%7CKatibeh%7CKaushan+Script%7CKavivanar%7CKavoon%7CKdam+Thmor%7CKeania+One%7CKelly+Slab%7CKenia%7CKhand%7CKhmer%7CKhula%7CKite+One%7CKnewave%7CKotta+One%7CKoulen%7CKranky%7CKreon%7CKristi%7CKrona+One%7CKumar+One%7CKumar+One+Outline%7CKurale%7CLa+Belle+Aurore%7CLaila%7CLakki+Reddy%7CLalezar%7CLancelot%7CLateef%7CLato%7CLeague+Script%7CLeckerli+One%7CLedger%7CLekton%7CLemon%7CLemonada%7CLibre+Baskerville%7CLibre+Franklin%7CLife+Savers%7CLilita+One%7CLily+Script+One%7CLimelight%7CLinden+Hill%7CLobster%7CLobster+Two%7CLondrina+Outline%7CLondrina+Shadow%7CLondrina+Sketch%7CLondrina+Solid%7CLora%7CLove+Ya+Like+A+Sister%7CLoved+by+the+King%7CLovers+Quarrel%7CLuckiest+Guy%7CLusitana%7CLustria%7CMacondo%7CMacondo+Swash+Caps%7CMada%7CMagra%7CMaiden+Orange%7CMaitree%7CMako%7CMallanna%7CMandali%7CMarcellus%7CMarcellus+SC%7CMarck+Script%7CMargarine%7CMarko+One%7CMarmelad%7CMartel%7CMartel+Sans%7CMarvel%7CMate%7CMate+SC%7CMaven+Pro%7CMcLaren%7CMeddon%7CMedievalSharp%7CMedula+One%7CMeera+Inimai%7CMegrim%7CMeie+Script%7CMerienda%7CMerienda+One%7CMerriweather%7CMerriweather+Sans%7CMetal%7CMetal+Mania%7CMetamorphous%7CMetrophobic%7CMichroma%7CMilonga%7CMiltonian%7CMiltonian+Tattoo%7CMiniver%7CMiriam+Libre%7CMirza%7CMiss+Fajardose%7CMitr%7CModak%7CModern+Antiqua%7CMogra%7CMolengo%7CMolle%7CMonda%7CMonofett%7CMonoton%7CMonsieur+La+Doulaise%7CMontaga%7CMontez%7CMontserrat%7CMontserrat+Alternates%7CMontserrat+Subrayada%7CMoul%7CMoulpali%7CMountains+of+Christmas%7CMouse+Memoirs%7CMr+Bedfort%7CMr+Dafoe%7CMr+De+Haviland%7CMrs+Saint+Delafield%7CMrs+Sheppards%7CMukta+Vaani%7CMuli%7CMystery+Quest%7CNTR%7CNeucha%7CNeuton%7CNew+Rocker%7CNews+Cycle%7CNiconne%7CNixie+One%7CNobile%7CNokora%7CNorican%7CNosifer%7CNothing+You+Could+Do%7CNoticia+Text%7CNoto+Sans%7CNoto+Serif%7CNova+Cut%7CNova+Flat%7CNova+Mono%7CNova+Oval%7CNova+Round%7CNova+Script%7CNova+Slim%7CNova+Square%7CNumans%7CNunito%7COdor+Mean+Chey%7COffside%7COld+Standard+TT%7COldenburg%7COleo+Script%7COleo+Script+Swash+Caps%7COpen+Sans%7COpen+Sans+Condensed%7COranienbaum%7COrbitron%7COregano%7COrienta%7COriginal+Surfer%7COswald%7COver+the+Rainbow%7COverlock%7COverlock+SC%7COvo%7COxygen%7COxygen+Mono%7CPT+Mono%7CPT+Sans%7CPT+Sans+Caption%7CPT+Sans+Narrow%7CPT+Serif%7CPT+Serif+Caption%7CPacifico%7CPalanquin%7CPalanquin+Dark%7CPaprika%7CParisienne%7CPassero+One%7CPassion+One%7CPathway+Gothic+One%7CPatrick+Hand%7CPatrick+Hand+SC%7CPattaya%7CPatua+One%7CPavanam%7CPaytone+One%7CPeddana%7CPeralta%7CPermanent+Marker%7CPetit+Formal+Script%7CPetrona%7CPhilosopher%7CPiedra%7CPinyon+Script%7CPirata+One%7CPlaster%7CPlay%7CPlayball%7CPlayfair+Display%7CPlayfair+Display+SC%7CPodkova%7CPoiret+One%7CPoller+One%7CPoly%7CPompiere%7CPontano+Sans%7CPoppins%7CPort+Lligat+Sans%7CPort+Lligat+Slab%7CPragati+Narrow%7CPrata%7CPreahvihear%7CPress+Start+2P%7CPridi%7CPrincess+Sofia%7CProciono%7CPrompt%7CProsto+One%7CProza+Libre%7CPuritan%7CPurple+Purse%7CQuando%7CQuantico%7CQuattrocento%7CQuattrocento+Sans%7CQuestrial%7CQuicksand%7CQuintessential%7CQwigley%7CRacing+Sans+One%7CRadley%7CRajdhani%7CRakkas%7CRaleway%7CRaleway+Dots%7CRamabhadra%7CRamaraja%7CRambla%7CRammetto+One%7CRanchers%7CRancho%7CRanga%7CRasa%7CRationale%7CRavi+Prakash%7CRedressed%7CReem+Kufi%7CReenie+Beanie%7CRevalia%7CRhodium+Libre%7CRibeye%7CRibeye+Marrow%7CRighteous%7CRisque%7CRoboto%7CRoboto+Condensed%7CRoboto+Mono%7CRoboto+Slab%7CRochester%7CRock+Salt%7CRokkitt%7CRomanesco%7CRopa+Sans%7CRosario%7CRosarivo%7CRouge+Script%7CRozha+One%7CRubik%7CRubik+Mono+One%7CRubik+One%7CRuda%7CRufina%7CRuge+Boogie%7CRuluko%7CRum+Raisin%7CRuslan+Display%7CRusso+One%7CRuthie%7CRye%7CSacramento%7CSahitya%7CSail%7CSalsa%7CSanchez%7CSancreek%7CSansita+One%7CSarala%7CSarina%7CSarpanch%7CSatisfy%7CScada%7CScheherazade%7CSchoolbell%7CScope+One%7CSeaweed+Script%7CSecular+One%7CSevillana%7CSeymour+One%7CShadows+Into+Light%7CShadows+Into+Light+Two%7CShanti%7CShare%7CShare+Tech%7CShare+Tech+Mono%7CShojumaru%7CShort+Stack%7CShrikhand%7CSiemreap%7CSigmar+One%7CSignika%7CSignika+Negative%7CSimonetta%7CSintony%7CSirin+Stencil%7CSix+Caps%7CSkranji%7CSlabo+13px%7CSlabo+27px%7CSlackey%7CSmokum%7CSmythe%7CSniglet%7CSnippet%7CSnowburst+One%7CSofadi+One%7CSofia%7CSonsie+One%7CSorts+Mill+Goudy%7CSource+Code+Pro%7CSource+Sans+Pro%7CSource+Serif+Pro%7CSpace+Mono%7CSpecial+Elite%7CSpicy+Rice%7CSpinnaker%7CSpirax%7CSquada+One%7CSree+Krushnadevaraya%7CSriracha%7CStalemate%7CStalinist+One%7CStardos+Stencil%7CStint+Ultra+Condensed%7CStint+Ultra+Expanded%7CStoke%7CStrait%7CSue+Ellen+Francisco%7CSuez+One%7CSumana%7CSunshiney%7CSupermercado+One%7CSura%7CSuranna%7CSuravaram%7CSuwannaphum%7CSwanky+and+Moo+Moo%7CSyncopate%7CTangerine%7CTaprom%7CTauri%7CTaviraj%7CTeko%7CTelex%7CTenali+Ramakrishna%7CTenor+Sans%7CText+Me+One%7CThe+Girl+Next+Door%7CTienne%7CTillana%7CTimmana%7CTinos%7CTitan+One%7CTitillium+Web%7CTrade+Winds%7CTrirong%7CTrocchi%7CTrochut%7CTrykker%7CTulpen+One%7CUbuntu%7CUbuntu+Condensed%7CUbuntu+Mono%7CUltra%7CUncial+Antiqua%7CUnderdog%7CUnica+One%7CUnifrakturCook%7CUnifrakturMaguntia%7CUnkempt%7CUnlock%7CUnna%7CVT323%7CVampiro+One%7CVarela%7CVarela+Round%7CVast+Shadow%7CVesper+Libre%7CVibur%7CVidaloka%7CViga%7CVoces%7CVolkhov%7CVollkorn%7CVoltaire%7CWaiting+for+the+Sunrise%7CWallpoet%7CWalter+Turncoat%7CWarnes%7CWellfleet%7CWendy+One%7CWire+One%7CWork+Sans%7CYanone+Kaffeesatz%7CYantramanav%7CYatra+One%7CYellowtail%7CYeseva+One%7CYesteryear%7CYrsa%7CZeyada&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3dbfd192961150faaa5762d0bf7a6fc352ae6db0e0bc505b815804a026016079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.redpacketsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 19:28:56 GMT
x-content-type-options
nosniff
age
582902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17996
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:13:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 19:28:56 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700%2C800%7CWork%2BSans%3A300%2C400%2C500%2C600%2C700%2C800%2C900%26display%3Dswap&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.redpacketsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:08:21 GMT
x-content-type-options
nosniff
age
72937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 17:08:21 GMT
fa-brands-400.woff2
www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/webfonts/
73 KB
74 KB
Font
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/css/all.min.css?ver=5494467d91318570f42d5f3c69e98ca3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fe85646af222500a866fd63beedb6ae00576c4afab4e0d28b15d9d6d92cb7da5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/css/all.min.css?ver=5494467d91318570f42d5f3c69e98ca3
Origin
https://www.redpacketsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74760
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
"62a9cb44-12408"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXgWTXm4FF6uK1JmZ2GYw6VuNrqkhukbKQUATNh%2FVEpd5yK98m9cxp7JaAp%2BNiJSO5lA3NX5JWSvwGDhTPaNAePj%2FVpxXVCegqX3UVhyIEXOgLWpbDECbIjFCfr9oYFczRCEU00sQUDW4AjYgfGzOtulaTOrmgk%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
722efad4ce1e9034-FRA
fa-solid-900.woff2
www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/webfonts/
74 KB
74 KB
Font
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/css/all.min.css?ver=5494467d91318570f42d5f3c69e98ca3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e348d772480f8c0e5fa546b3c531a38700ae16b5dad5defb5e67ade7f6d332e8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/css/font-awesome/css/all.min.css?ver=5494467d91318570f42d5f3c69e98ca3
Origin
https://www.redpacketsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75392
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
"62a9cb44-12680"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ban5N7qmHtq%2B7kHmgZf7le%2FE03iVDpCqwCQtasFtd4%2FVM%2BV%2FHB9zNfJ%2BjWhn9OmXqB4gQEm62TtXwYBW9aPj0uJCdUrEDXI1OLgxD85Gx7pzAT5UR39e4TLvBnEYW2hS0qE0M%2B7W%2BXIQVnX3gGsempE2HfodJW0%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
722efad4ce1f9034-FRA
custom-time.js
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/
190 B
789 B
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/custom-time.js?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
878507828632957a2a0e471f1bfef8ef64ee4726f7fd03d05d77664823079fa5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
W/"f9-5e17b59d6f323-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpjJv%2F8BWc9Bt1FapEoMiKoa63%2Bjt6FTqPg1%2FqdQbKAWJT54hPkIwfoJ3JwoY0K86Om9GeoYUldJ61gJ3Z0pWmgb9QmD3J62%2FtctsF0pOQW2nWzPsMaSbgYD5KEDwi%2B9aHJK4nsWZK9YaJJ2F%2BF6XEzCXWMD4a0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-accel-version
0.01
cache-control
max-age=43200
cf-polished
origSize=249
cf-ray
722efad4fe819034-FRA
cf-bgj
minify
custom.js
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/
3 KB
1 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/custom.js?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c6e098655bf365af10393cec5be569becfba92d4b3374f5f409ceaa5a3b3bad6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
W/"62a9cb44-13ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7UkItfWkcLfA4aB79m7iWknh%2FVwmkj6whwfMlpn3unRqHRGtiooHOBLQOkImGKKX1Eyat87gMSXfvgtB1YQJFiPqjWJ5wohiRbId9cPnTQkw8CVoEZ223t%2BkLqUQaqjR4tm%2FIMoZrKDMwg9IkXY%2BkLtgI4reoHc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-polished
origSize=5066
cf-ray
722efad4fe869034-FRA
cf-bgj
minify
jquery.modal.min.js
www.redpacketsecurity.com/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/
5 KB
2 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/jquery.modal.min.js?ver=4.3.26
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
970d08b0edc4bfc0925495d8b11564f3c2fd368f745f7b3510a7fced11848894
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 29 Jun 2022 07:27:03 GMT
server
cloudflare
etag
W/"62bbfec7-136e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHUbNikrSFl8sKJCVnMHrL5l0EmkUW8Y%2Fb553Rr7LaDvK2Egy7pNOKWjIX8Hg2%2FeE9lQGOM%2FWIV%2BbKp73VFsRDXhPUboCdaRshw6LB3DNEenqMUQdW08Mq9BicHyDCrPvGMfwD7O1%2Bs7xlApRC2wClUhMd3gd9I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad4fe889034-FRA
smush-lazy-load.min.js
www.redpacketsecurity.com/wp-content/plugins/wp-smushit/app/assets/js/
8 KB
4 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.10.2
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 20 Jun 2022 07:48:55 GMT
server
cloudflare
etag
W/"62b02667-1eee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tlLEi0md4r7dbXVYakdJObelJpk9rfyRRwKqNHRZG7cb%2Bo490leAdZUfNbwSynZYTmMMbnkcEtEhyCJ4n9o6rDiUUJgwpqLsPapRulgB876MjQDH7XVNCsoDPYG8wLaY%2FHUWeFsobKhN0jNLc4aOPukrXvQsSg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad4fe8a9034-FRA
product-image-preview.min.js
www.redpacketsecurity.com/wp-content/plugins/amazon-auto-links/template/_common/js/
3 KB
2 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/amazon-auto-links/template/_common/js/product-image-preview.min.js?ver=1.0.0
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e8dfa93e316db0c0dd5d74f51997783f3517b8db6c7fa2461898ae5109c0b429
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Jun 2022 19:27:37 GMT
server
cloudflare
etag
W/"62a78fa9-a19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujJnJpCSwe5r4HJhn693GibcgIKm2nghfntwWYr20Rh0iURyCSwmmh4JVZikpmuSxBKOzPTy14Vb9HQ9VP9nQLd5Haulbk3huQre%2B3Fezbguc0M3L6lcuBygrruYf%2BId%2FQVfv%2BShlzrv488QT4fsdElNfgpLRUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad4fe8f9034-FRA
product-tooltip.min.js
www.redpacketsecurity.com/wp-content/plugins/amazon-auto-links/template/_common/js/
1 KB
1 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/amazon-auto-links/template/_common/js/product-tooltip.min.js?ver=1.0.0
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
b9983e0f3bd212e1f920657c96ca9b0f3ef62e4b6ebbd153abd0f1791ecac4a4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Jun 2022 19:27:37 GMT
server
cloudflare
etag
W/"62a78fa9-4c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=op0wj8LCAmv%2FaWthS4hn2GXDOimyzMAfTA3Hv9GB0J8SEfBlHaBbqEXl9%2Byzg%2Fvo8%2FZvWAQlqao403L6HLfSkgFYVSvT8W5XRful4m4qSsppaP2qT2Rs7EPmKByLqfStAdeiYLsNt4M2UEjkDBsAyjH0bHE%2BEXU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad4fe919034-FRA
pointer-tooltip.min.js
www.redpacketsecurity.com/wp-content/plugins/amazon-auto-links/include/core/main/asset/js/
597 B
939 B
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/amazon-auto-links/include/core/main/asset/js/pointer-tooltip.min.js?ver=5.2.9
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
629a298422d20d6be3aad025c6ddce8681991408627b1bf76f3e88abce039d2e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Jun 2022 19:27:39 GMT
server
cloudflare
etag
W/"255-5e15947fc1074-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzIPDtOiB0Gv2Vl%2FD9%2FQtAIwpu3kmOGQa3PxSeZF0OxJCcBPzXuDsQChTYNdGPAwewM4VPYufMsvo8pm5POkehKs95BPcdNWzb3vxQn51ufS%2Fi8lpbV%2FuJdEt3%2FTrPkxFgs67wW7bh0SFM%2FDzbGdHD6GuIMF6rA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-accel-version
0.01
cache-control
max-age=43200
cf-ray
722efad4fe929034-FRA
wp-pointer.min.js
www.redpacketsecurity.com/wp-includes/js/
4 KB
2 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-includes/js/wp-pointer.min.js?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7688d6c0bc721a9708d4f280bfc926b6bb25e2386300a906a7fe5fa31a334bc7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 28 May 2022 21:05:44 GMT
server
cloudflare
etag
W/"62928ea8-e25"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMsbj2kGuiRrOIgI8hHr0IkhZI32Pw5qsKaMKHglTyKq0xwVGZGrnZg9BdhHREtQim2CyzDVjv4NT8L7mje2veipMmuVxv2rX1wQ7OY49ebVd%2FH2vWYsz02agLGBSYoSmT07zb0TaiZWDsvOarqbJzQZokXe1Tg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad4fe939034-FRA
i18n.min.js
www.redpacketsecurity.com/wp-includes/js/dist/
10 KB
4 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 28 May 2022 21:05:44 GMT
server
cloudflare
etag
W/"62928ea8-27ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4laIft5nsZudkaVOOdmnjo%2BgcdCAHIA5WIu6Ge9ff5zSUzzeUgN2k4BlM5ldiKSXuwe6pDZM4jdbNXqNtt%2FLPvFlgFrcIN8o818hqVVz6Q3Ntdjy%2FVUL69Zq8Kaoc7WAW1sc9j1dgU2FSzafP8Uea%2FFJucWiGYo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad4fe949034-FRA
hooks.min.js
www.redpacketsecurity.com/wp-includes/js/dist/
5 KB
2 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 28 May 2022 21:05:44 GMT
server
cloudflare
etag
W/"62928ea8-132e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1S9CyBuTvuZ1ruIx8BTCu7YOI6okH%2F2mEeW028aRGg1WyuATT8K%2BPPTdn3lm8US7z8fbBeaYSis4mOc7fmophM3HWjbQesn1c%2BhBpxhjBjq3N3oXpQABfwtRQkSJMmt%2BuATgvpprJCOlNHYXWhMXabI8gg52VQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad4fe959034-FRA
wp-polyfill.min.js
www.redpacketsecurity.com/wp-includes/js/dist/vendor/
19 KB
8 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 28 May 2022 21:05:44 GMT
server
cloudflare
etag
W/"62928ea8-4ac6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhViq5SCfFOb36DWKPhPsbVYQUbjvOZZC%2BsF2%2FDTLy%2BWtvP%2FSymKCnYaW1jv4Spfp%2FXurkh%2FaB7XcAgSUFp04MLr5Id2p8lJVPlEPdA7BGKclEcaX1zmGYhqIu6DhJOuLt3abuUwmnk02huyjNde4xVYHtyoTKM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad4fe989034-FRA
regenerator-runtime.min.js
www.redpacketsecurity.com/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 28 May 2022 21:05:44 GMT
server
cloudflare
etag
W/"62928ea8-194b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvUYwzhx7IPSl0RYD02%2FjuSrFJAAyOIkV%2Be8MRbsiqk8H7gVeuMfioZyY45T6%2BLT38uKRhnVfH18jAQBu3iHNusq4VowZKIv6KkHKBw23%2F1mFtdENeev08aKG2zqhpQnejFX9D55PZZxw%2Bq1JEfmvSuQOOWKpEY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad4fe999034-FRA
core.min.js
www.redpacketsecurity.com/wp-includes/js/jquery/ui/
20 KB
7 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 28 May 2022 21:05:44 GMT
server
cloudflare
etag
W/"62928ea8-50eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toIdBX1lVXPxMLnOFZhxiCCas2XNlHdsoudJsOA5L%2Br6AhWiEjg5qGp0EbCfQlm%2FExLlSVt9KGwmo99A19u16I8Pk4N5RAPQavYMAqMY%2B%2BPWnA68Gp0rpg%2F0S7JzyRHkNiT0Lx1Fog19o3NWG0DAwHXdbLhg5rI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad4fe9b9034-FRA
now-retrieving-updater.min.js
www.redpacketsecurity.com/wp-content/plugins/amazon-auto-links/include/core/component/unit/asset/js/
3 KB
2 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/amazon-auto-links/include/core/component/unit/asset/js/now-retrieving-updater.min.js?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
62192a35a334d4401e348cf6774b25795b248972e116befa3405d9b9128a5473
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Jun 2022 19:27:39 GMT
server
cloudflare
etag
W/"62a78fab-bd5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Af4N9XEbiXZj%2BTLZqVJSElxeyudEr9ho2soCVFdeQjxeY0GNPosPmEjRMwPzhoTCQM19F%2F1C3VLbuJ3HAx2Tp3c1uPnPULneGz1XmAmFWWgijKADoFIb2DS3sBBW1%2FzvklLFMOrxdTbLFfv6cO7f9osjk7qaDK4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad4fe9c9034-FRA
iframe-height-adjuster.min.js
www.redpacketsecurity.com/wp-content/plugins/amazon-auto-links/include/core/main/asset/js/
3 KB
2 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/amazon-auto-links/include/core/main/asset/js/iframe-height-adjuster.min.js?ver=5.2.9
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
54cb0643a7f536436b00df60b5bf7d1c37f71d9cca5bc05246f958a2573d0fa4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=8zRTlJHqtZ8SKJEz6jU8NbmaPqtdBgEAh2fIx7FzeZs-1656509038-0-AZESUESh6QUztGh64xPuYrO-4B__vOOaISaifCEIC1JbrGcsas6uvLqPX5N_pRyhmDcBH17EA1d8aKl6B25qaxE
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Jun 2022 19:27:39 GMT
server
cloudflare
etag
W/"62a78fab-c5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JH7AaU%2Bn%2BJHh4eTTF%2FLc3pCFzcXNKwTT%2BSi7BSQwrxUfXNxsWO7J1R2xmVgqc%2FkraejcizXGxTzcUO%2FNlVvGyp5eulicrfyNU4HcLgRz002q7dQ2sfccvX65CKkOIJuQX2WnL8SoAnqXJubMEz8K4Bc5AEmwDzk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad4fe9d9034-FRA
app.js
www.redpacketsecurity.com/wp-content/plugins/patreon-connect/assets/js/
244 B
822 B
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/patreon-connect/assets/js/app.js?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7d45256c95c1c245654bf298e27d9c538dc778a2ee050ba4678ac2a07f479869
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 24 Mar 2022 09:03:28 GMT
server
cloudflare
etag
W/"162-5daf31e91c8c6-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjOu258oSW%2BOQMmWq6EhYj4poVo24vDL3pOS3Mj92jY8TX8efWiZHDxgM1%2FroAHN1%2Bs8lpuf2AavznQDisizOOcSLlSKkq2%2BtaBCko%2BranS9ujRo9iX74RlffT%2FoCe7%2B2L%2FNceUFQYEsX7aayFlXUpii%2BhcvBHI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-accel-version
0.01
cache-control
max-age=43200
cf-polished
origSize=354
cf-ray
722efad4fe9e9034-FRA
cf-bgj
minify
widget.js
comments.app/js/
9 KB
3 KB
Script
General
Full URL
https://comments.app/js/widget.js?2
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
482f450b7fdbac6f9304643f3e731df20bf66c51fb0599fa9a734e5d102a9e2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
gzip
last-modified
Fri, 19 Jun 2020 23:54:45 GMT
server
nginx/1.20.1
etag
W/"5eed5045-2390"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
164 KB
56 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1536334219562771
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b80be40c3c47f8526cd90de3e7548b90660e0a869c00ae84affe5e287f0bd1dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.redpacketsecurity.com/
Origin
https://www.redpacketsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56590
x-xss-protection
0
server
cafe
etag
5539559663908291422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 29 Jun 2022 13:23:58 GMT
beacon.min.js
static.cloudflareinsights.com/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
722efad57d3b9bbe-FRA
a01b5086.js
www.redpacketsecurity.com/wp-content/uploads/caos/
192 KB
69 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/uploads/caos/a01b5086.js
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7d853f12f80f4e85343c2bc6ee4ab226f479c09a0dfd46e00808ff0e32043293
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 29 Jun 2022 07:27:03 GMT
server
cloudflare
etag
W/"62bbfec7-303e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMtvJuidNIzv2I%2BO%2B3I%2BU1tOrQy9paJDJUkPrzGSuIc2Zb%2FUcoGfh8kG5AHkQ024jpwMJ%2Br4%2FDiEDeo%2F0sSjg8nhOlCQRF3DnYSlzZlvi2sJt4rOoeMV%2BYt1oQUnTfoN5ZVVgXFWUHfR7PWfdfAzfnDb11M30lQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-polished
origSize=197603
cf-ray
722efad4fea09034-FRA
cf-bgj
minify
a01b5086.js
www.redpacketsecurity.com/wp-content/uploads/caos/
192 KB
69 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/uploads/caos/a01b5086.js?id=G-GN0W0LT7ZX
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7d853f12f80f4e85343c2bc6ee4ab226f479c09a0dfd46e00808ff0e32043293
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 29 Jun 2022 07:27:03 GMT
server
cloudflare
etag
W/"62bbfec7-303e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ADTIBWWLjdDzYiW0QET6dnB7QjGR0aYXFti%2FQzp3lBkdA2gUf2kvUkmhSSgiUYlDa5utatUNQQcWksOqm4wuK1Y8SWLgq5rLZZiTXju4SUtq%2BcBJsbGWFfeXHG61IKLxIshbW6lppCd8IDg%2F%2BuRUNbX7FoYSnI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-polished
origSize=197603
cf-ray
722efad4fea19034-FRA
cf-bgj
minify
front.min.js
www.redpacketsecurity.com/wp-content/plugins/cookie-notice/js/
8 KB
2 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.3.0
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c38bc4d28cb6dd5263a68b3efa74cd5b746f9083484871c54f4cd437c828b40e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 06:42:50 GMT
server
cloudflare
etag
W/"629ef36a-20ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlfDQ%2BgExbIJl6BVa%2FrWh6AdI0ZOz8YnScxDyU0JZbfExUsdkGG3g50nCcVXOQzbhZ1xiwvqjTv7LlHoVaIZnw72DUfqQ%2BJ2gGmJ6pQIYQsjRoUFyuWXQSmydMvDsKLPFBFdksRqIxyxFh6AyUvqDc2O5KTpqVc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad4fea29034-FRA
bootstrap-smartmenus.js
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/
3 KB
2 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/bootstrap-smartmenus.js?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
46489b4c55fb6dce029c4ebcaa74c9616a0a89dc3be3e0027d0113c698ed9968
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
W/"62a9cb44-177b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Olq2QofCBe5XQGFfMgf1qeo2I%2BKfQYW3HQH84HWTJJ3Sj1Lt9aoishbVl29%2FjRwd7S3557sY5bL6mVsr4x6Mo4yLTonAPzQYFckkHuBJ9AihcJHpc4XRIcktbOA%2BrUAWyyPzp5A1bGi0dEHZegu%2FEb6kpH0lzM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-polished
origSize=6011
cf-ray
722efad4fea39034-FRA
cf-bgj
minify
jquery.smartmenus.js
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/
28 KB
9 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/jquery.smartmenus.js?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
4247183ff111bcf12affd18ba0da4a7a1ff0b4e7e491db67b9562b58d6a29c88
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
W/"62a9cb44-b62e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0s8DgFUnbx%2F71DU2R%2Bn8lW2XrNg7YfFikYOP11pJsKp%2BtqxcOAFNEXrfiNq6x4Tg%2BCc6kq4X00RV2NKYrw%2BGca%2BE1JhJ3TCxCE%2FGeqfnCO3ov89oiX8hqY%2BxgT%2BZZkdGVetPEZwekJFCY1yMnB891zxeX%2FDOcqU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-polished
origSize=46638
cf-ray
722efad4fea49034-FRA
cf-bgj
minify
main.js
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/
314 B
817 B
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/main.js?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9691e8c38e89f0117aa9aab7dc706fa84ff4c18279a0769cfd90579c897922c1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
W/"271-5e17b59d6f323-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jl%2BVIaa2oWQOxugiBTS187pn92VPqsaehDR0qd2DcMJ2JP4pPfPOHUnNTsZAwyJvtRoFtVq5NpRztCSftXMtEzU1msNmQCxGsdP9SuZUmTNRqsFpZYjTzzIFwj8M4w%2FEmSZVL0BzpbYUPRxYZSW%2FSC5iL0OZ6WU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-accel-version
0.01
cache-control
max-age=43200
cf-polished
origSize=625
cf-ray
722efad4fea59034-FRA
cf-bgj
minify
jquery.marquee.min.js
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/
9 KB
3 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/jquery.marquee.min.js?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f7ec795d6ca0df8d0083c41b1a57aed9a3500897442639a0c24999a749eed08a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
W/"62a9cb44-2383"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ra0e2d2RF%2FRp0CitF3IfmDLIowmcO%2F0ioxehfUix3tMKV3oV6VWivTOCmldgZrAWqkdkuEQIrvqNXGQLaBFjb7EIBQv0IrP19NAtWCGbzvey%2FZDuv2Zfr0E%2FVSi0h1%2FGOF6lgY%2Bjt4eqCTRDvW0ZPNNXSeZJpA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad4fea69034-FRA
owl.carousel.min.js
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/
23 KB
7 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/owl.carousel.min.js?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
W/"62a9cb44-5d80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ixurya8FA88TvcjPaSWSDCsVjtFv9mqZ4mwqb6DuP8bDNog%2FLfq06Pr%2F6yfCgroufG5ECGKPtbgkd6BtqIkdOgpqIQo9OgL6sK0vQt%2FFNwSl8syrqM9gilmhOvuoNtb9%2Fs2OZcbFOEP%2B1KrJXr4fE5%2BRTNwo8yE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad4fea79034-FRA
bootstrap.js
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/
88 KB
21 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/bootstrap.js?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
da3e511b908f924d06bcd56a2274b737f070823715600c460dc5d593b276f961
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
W/"62a9cb44-22150"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPr5aAeqRn%2FIX7J08yfn4bhSJxVJMfZVdNF0Ze9fiwAsLDk5m1F9lXwF%2FztT5CSiJXnrAa%2BNhuNWvXJoO5F6IFNBzBY5%2FkTavfgXu%2Bt0QidYsv61VmoYliXWt7Ek1Gy%2F3Xrpf7B1MPs3OCazngFEC08TI2ssF98%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-polished
origSize=139600
cf-ray
722efad4fea89034-FRA
cf-bgj
minify
navigation.js
www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/
1 KB
1 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/themes/newsup-pro/js/navigation.js?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
975fcd769077c94bff0b689fbe3ad59e461ea7c948870bd979d21ad4716ecee9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Jun 2022 12:06:28 GMT
server
cloudflare
etag
W/"62a9cb44-938"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RG0kttPQCqTcZl10j%2FEmGTquTuPEsUC9mbCvibiIPBwG5eIt8QzTBu5ivHqDY4XTSJ0chIRMuP8AUHcoiJLjgdyBoak7yH%2FxOmEWHe6QdB%2BanW1Rszh3sk1nSSaJVv55bXh7ifKhvFrKiBXer9FDN2MB5UlOBA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-polished
origSize=2360
cf-ray
722efad4fea99034-FRA
cf-bgj
minify
jquery-migrate.min.js
www.redpacketsecurity.com/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 22 Dec 2020 15:30:09 GMT
server
cloudflare
etag
W/"5fe21101-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQfv%2BgCEsUa3MWZxc34pIDWAS%2BNKjK4LOfzXjAVM%2BVojOj%2FH3lhp1xR%2Bec6h6jiqZwgMKrF2souIZnRxGPZLwxvc48jZEdbQ4ANpXyQSPlJX54DPNNRroevdrSTyBkPStoOhyI9ClMigBb3pOEKAYmpefse2J7M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad4feaa9034-FRA
jquery.min.js
www.redpacketsecurity.com/wp-includes/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 28 Jul 2021 06:20:01 GMT
server
cloudflare
etag
W/"6100f711-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JwOYaJZb7EAmodOeR%2BfN8ASAh8W02NTzbCrtWJDS0kGWiwpEb%2B5CkYp7HOzkSpd5LsrhGwyrqi1YxULZkTiEIFMA6YcsWcBihDq3s%2FbKz0yed1N5bk92AFWYh%2BvYrkU2iO8oNrPXiZLFfGqomo4v5%2F0x8dSXI78%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad4feab9034-FRA
s.js
www.redpacketsecurity.com/cdn-cgi/zaraz/
6 KB
3 KB
Script
General
Full URL
https://www.redpacketsecurity.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyQmxhY2slMjBCYXN0YSUyMFJhbnNvbXdhcmUlMjBWaWN0aW0lM0ElMjBOZXclMjBQZW9wbGVzJTIwQmFuayUyMC0lMjBSZWRQYWNrZXQlMjBTZWN1cml0eSUyMiUyQyUyMnglMjIlM0EwLjkzNTgzNjUzNDkwNzQ3ODIlMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5yZWRwYWNrZXRzZWN1cml0eS5jb20lMkZibGFjay1iYXN0YS1yYW5zb213YXJlLXZpY3RpbS1uZXctcGVvcGxlcy1iYW5rJTJGJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA==
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bce29a0dfdf11c6e73b8ec94c69dfecda8c55e4052403f5605725fdfa9f6ec3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
https://www.redpacketsecurity.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gySIcs7Y270SacX3JpZmm3hLEke7fgZYdRZnlHVBBf4Y85Hj405swLZvFi3hJ4u5glz0h0Duz6xPO0b8gI%2B%2B9l0Era7Y82i6nSJQxwtBjx2qkwX%2Fk2qrdOJqUWwj8lVw330DuOnB%2Bqb47JbKOlZL6i9go3ln35Q%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
600
access-control-allow-credentials
true
cf-ray
722efad4feac9034-FRA
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
2122-2.png
www.redpacketsecurity.com/wp-content/uploads/2022/06/
466 B
1 KB
Image
General
Full URL
https://www.redpacketsecurity.com/wp-content/uploads/2022/06/2122-2.png
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
b33ad250798eef9bd3379f3e7a9eeb55bd49bc718063bdaf568b7ed9dc3f4b9e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
cf-polished
origFmt=png, origSize=613
content-disposition
inline; filename="2122-2.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
466
last-modified
Wed, 29 Jun 2022 11:02:59 GMT
server
cloudflare
x-powered-by
PleskLin
etag
"265-5e29418a03a67"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaQSwVkK5ob6xLkTv8g47zbyFC7lKLOlWRGQHUpYZVKwgGtPujNxPHIDLOfwN2g1%2BKDnInSdYYY53KHYv3fOU3C0gVU6TGJ3OEo%2BpR2QfQx%2FenrNZY6huWiHUsaqeibR%2BG%2FMM27JLy7FbpdTJ%2FVM4IaIBSkJ1Eo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-accel-version
0.01
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
722efad50eb19034-FRA
cf-bgj
imgq:100,h2pri
Basta.png
www.redpacketsecurity.com/wp-content/uploads/2022/06/
3 KB
3 KB
Image
General
Full URL
https://www.redpacketsecurity.com/wp-content/uploads/2022/06/Basta.png
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c96a3e443478227892693b5f48368af1720b31a64c703dbe7dd7acb85ae0e14d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
content-disposition
inline; filename="Basta.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2804
last-modified
Tue, 07 Jun 2022 21:44:06 GMT
server
cloudflare
etag
"629fc6a6-d51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6PnH7Q5Bv6bHTogA5LJqYPpFmt8bVqsYXaqCKT28RR%2B7FXDnMxKGOV0Qf4RL16oT716Y2LdY%2F0X%2Ful9hFnUmeZvI3P7pnRtAHtWWyrCi4%2F4CFIdOTaF%2BJO6oTLecZD74OhJAFs1NCOKWv%2FKOAmSLTNbh2%2B%2Be2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=43200
cf-polished
origFmt=png, origSize=3409
accept-ranges
bytes
cf-ray
722efad50eb39034-FRA
cf-bgj
imgq:100,h2pri
Cobalt-Strike.jpg
www.redpacketsecurity.com/wp-content/uploads/2021/11/
145 KB
146 KB
Image
General
Full URL
https://www.redpacketsecurity.com/wp-content/uploads/2021/11/Cobalt-Strike.jpg
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
00ab36d5573ceab85b1bc2de3ff62f4a9402bdc7c8a9749ac58c7037aa4bd2b8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:58 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
148817
last-modified
Tue, 09 Nov 2021 23:11:50 GMT
server
cloudflare
etag
"618b0036-25696"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCPq7fniLdEuv8WnTNgqON5xkvM2lRKpMsAb%2B5hee%2BR93XllAHATG9W972hl9UaN5V588TyoCbD4KCAhULMupY2eQZ2wKGr495B74PeA9LvhTUSD8Rkr3jZ8QNjHOSVdvNuoaQsNSpQEN4kA6yIanaBfqaUC2hs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=43200
cf-polished
origSize=153238, status=webp_bigger
accept-ranges
bytes
cf-ray
722efad50eb49034-FRA
cf-bgj
imgq:100,h2pri
/
www.google.de/pagead/1p-conversion/4209956877/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/4209956877/?guid=ON&random=1656509525378&fst=1656509038886&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fb...
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/4209956877/?guid=ON&random=649849245&fst=1656509038886&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecuri...
  • https://www.google.com/pagead/1p-conversion/4209956877/?guid=ON&random=649849245&fst=1656509038886&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-...
  • https://www.google.de/pagead/1p-conversion/4209956877/?guid=ON&random=649849245&fst=1656509038886&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-r...
42 B
0
Fetch
General
Full URL
https://www.google.de/pagead/1p-conversion/4209956877/?guid=ON&random=649849245&fst=1656509038886&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&tiba=Black+Basta+Ransomware+Victim%3A+New+Peoples+Bank+-+RedPacket+Security&u_tz=0&u_his=10&ig=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b1K8YoLrDJW-lgSR2JWoAg&cid=CAQSKQCNIrLMJtLOrYkq2ht4jVwo8p0PgHoFAG6_I-1pAAnutWnUdvCSTY-X&random=2324084328&ipr=y&prhg=0
Protocol
H3
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:23:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:23:59 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/4209956877/?guid=ON&random=649849245&fst=1656509038886&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&tiba=Black+Basta+Ransomware+Victim%3A+New+Peoples+Bank+-+RedPacket+Security&u_tz=0&u_his=10&ig=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=b1K8YoLrDJW-lgSR2JWoAg&cid=CAQSKQCNIrLMJtLOrYkq2ht4jVwo8p0PgHoFAG6_I-1pAAnutWnUdvCSTY-X&random=2324084328&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/4209956877/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/4209956877/?guid=ON&random=1656509525378&fst=1656509038886&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketse...
  • https://www.google.com/pagead/1p-user-list/4209956877/?guid=ON&random=1656509525378&fst=1656507600000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-bas...
  • https://www.google.de/pagead/1p-user-list/4209956877/?guid=ON&random=1656509525378&fst=1656507600000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-bast...
42 B
0
Fetch
General
Full URL
https://www.google.de/pagead/1p-user-list/4209956877/?guid=ON&random=1656509525378&fst=1656507600000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&tiba=Black+Basta+Ransomware+Victim%3A+New+Peoples+Bank+-+RedPacket+Security&u_tz=0&u_his=10&is_vtc=1&random=2190249940&ipr=y
Protocol
H2
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:23:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:23:59 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/4209956877/?guid=ON&random=1656509525378&fst=1656507600000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&tiba=Black+Basta+Ransomware+Victim%3A+New+Peoples+Bank+-+RedPacket+Security&u_tz=0&u_his=10&is_vtc=1&random=2190249940&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wp-emoji-release.min.js
www.redpacketsecurity.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-includes/js/wp-emoji-release.min.js?ver=5494467d91318570f42d5f3c69e98ca3
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 28 May 2022 21:05:44 GMT
server
cloudflare
etag
W/"62928ea8-48b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqyXncoWH6yPaRpPVVm3N87gwP74ss9873io96l2%2FmPKhVE1c4gQrbrsuWLntf2QUXqcLYTBHA3yC2ISGPcIBwhEQnWNzVpPMIppZ9S29MZJzbF1KSqICjGckCABWpEkzADafDte2sy%2B1MBVvQLMVK4LYVXJ6%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
722efad698969034-FRA
collect
analytics.google.com/g/
0
354 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-GN0W0LT7ZX&gtm=2oe6r0&_p=1984713907&_z=ccd.v9B&_gaz=1&cid=561496504.1656509039&ul=en-us&sr=1600x1200&_s=1&sid=1656509039&sct=1&seg=0&dl=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&dt=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.site_speed_sample_rate=1
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/wp-content/uploads/caos/a01b5086.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:23:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.redpacketsecurity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
354 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GN0W0LT7ZX&cid=561496504.1656509039&gtm=2oe6r0&aip=1
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/wp-content/uploads/caos/a01b5086.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:23:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.redpacketsecurity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a01b5086.js
www.redpacketsecurity.com/wp-content/uploads/caos/
192 KB
69 KB
Script
General
Full URL
https://www.redpacketsecurity.com/wp-content/uploads/caos/a01b5086.js
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7d853f12f80f4e85343c2bc6ee4ab226f479c09a0dfd46e00808ff0e32043293
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5787
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 29 Jun 2022 07:27:03 GMT
server
cloudflare
etag
W/"62bbfec7-303e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rM7RjALHZCvrVOqgvq0m3w9OkQ%2BzYY4gNssE6L%2FUrWL5kgfcr56gl%2F1ADpUtkN5hUQ5qhoBqDzkZkj3C%2BNIW8JUFGa3ljVdNfEDMb1cK%2FvBxbiP4WTiGzjdb%2BUbY7R5lPyvm34WFBTvDLxUZnh6xSdiD%2Fe58z6M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-polished
origSize=197603
cf-ray
722efad6c8e19034-FRA
cf-bgj
minify
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/
340 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1536334219562771&plah=www.redpacketsecurity.com&bust=31068232
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1536334219562771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa7570536a241579efb1eca60b9b8b3e30d171663777c0ca3011414a42cfc61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122508
x-xss-protection
0
server
cafe
etag
7159627652184417607
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 29 Jun 2022 13:23:59 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/ Frame 4BEE
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1536334219562771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.redpacketsecurity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
62528
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 20:01:51 GMT
etag
10429905676100781186
expires
Tue, 12 Jul 2022 20:01:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
comments.app/embed/ Frame C5F5
7 KB
3 KB
Document
General
Full URL
https://comments.app/embed/view?website=S_Epbvwz&page_url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&origin=https%3A%2F%2Fwww.redpacketsecurity.com&page_title=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&limit=5&color=E22F38
Requested by
Host: comments.app
URL: https://comments.app/js/widget.js?2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c1c4a5cd21da66fc405d7f029b47796497445dca00c11f9fb8eca2f90a171a5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.redpacketsecurity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
content-encoding
gzip
content-length
2554
content-type
text/html; charset=utf-8
date
Wed, 29 Jun 2022 13:23:59 GMT
pragma
no-cache
server
nginx/1.20.1
strict-transport-security
max-age=31536000; includeSubDomains; preload
Basta.png
www.redpacketsecurity.com/wp-content/uploads/2022/06/
3 KB
3 KB
Image
General
Full URL
https://www.redpacketsecurity.com/wp-content/uploads/2022/06/Basta.png
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.10.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c96a3e443478227892693b5f48368af1720b31a64c703dbe7dd7acb85ae0e14d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5787
x-powered-by
PleskLin
content-disposition
inline; filename="Basta.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2804
last-modified
Tue, 07 Jun 2022 21:44:06 GMT
server
cloudflare
etag
"629fc6a6-d51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnjeFfu4zFF2XGZ6uof5BgG7b0VZVzFFF%2FY1OlpWglz%2Fwfh3B3pxLmLTqugtaNhhdXfZv7t1m%2FfJglM5pxrW4hF2s0gax5gS%2BnGT%2FIDR13Z9uttNV10UKkaLu7Zir9piq2PYpr6Fs8idjn8opU3jUa57mHZRmyo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=43200
cf-polished
origFmt=png, origSize=3409
accept-ranges
bytes
cf-ray
722efad719699034-FRA
cf-bgj
imgq:100,h2pri
cropped-cropped-redpacketsecurity-banner.webp
www.redpacketsecurity.com/wp-content/uploads/2022/01/
860 B
1 KB
Image
General
Full URL
https://www.redpacketsecurity.com/wp-content/uploads/2022/01/cropped-cropped-redpacketsecurity-banner.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
4cb636b91baa2ce444767df4b186194cd84ce5740b196123d3da1e2ead84e245
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
860
last-modified
Wed, 15 Jun 2022 09:09:51 GMT
server
cloudflare
etag
"35c-5e178e2382617"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qANmevsCf%2BP6JBZr29uEAm1lF2VDAs41G%2F9Dr04RfbfMgjjAqywPVJtRlCaxt6dFeOOEJK%2FcH%2BBS%2FYyF2BwL0oqCqcaq7SILN0begEtBxj7BQXEj6qnEu96FqLAzYls41BVey%2Blfz%2BEz198SmVXz%2FAKDfJ%2FwgSY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-accel-version
0.01
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
722efad7196b9034-FRA
pica.js
www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/
18 KB
7 KB
Other
General
Full URL
https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bb10a2d723e30af4234cc3dcc1a82702a390c01ebe7f3171bfb1f42be2f0d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gz4CSnvdfgZsFMa4xzq%2F8lztF6VJB2%2BjT5EIKx3OD%2FhD0bWfxnaQBk4GSRVZgyrl3ZO7oWA%2FkmJVvTwZoB1X8Y8FQ%2FAGD%2B3UDkCAQHlvIKNRMwAC3HCwVAlzSqkDFxDpdkybd1IDNbSUHOw2h3UVd5mXfWE4DDw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
722efad7297b9034-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
smush-placeholder.png
www.redpacketsecurity.com/wp-content/plugins/wp-smushit/app/assets/images/
136 B
860 B
Image
General
Full URL
https://www.redpacketsecurity.com/wp-content/plugins/wp-smushit/app/assets/images/smush-placeholder.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ae394bf43bc39f7c6b3f439de04f6b75288d849a0ecae5000a2452546063647c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5786
cf-polished
origFmt=png, origSize=995
content-disposition
inline; filename="smush-placeholder.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
136
last-modified
Mon, 20 Jun 2022 07:48:55 GMT
server
cloudflare
x-powered-by
PleskLin
etag
"3e3-5e1dc55ffc272"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9FPwobGlmfAX0mLTppJTFdkoBz%2B3Hw%2BtHyGdkFyajkZz5qO68NXbeWV4srTClhnpbTnRb0UUVdqvS3l4oTzrvt9E8DVoFYOTmviLJSvP5cS4E5PPTi0%2BBppl%2Br1qnJlNW2o2V6nzzUEMrpY3M0GC5HYpt5Y808%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-accel-version
0.01
cache-control
max-age=43200
accept-ranges
bytes
cf-ray
722efad729839034-FRA
cf-bgj
imgq:100,h2pri
loading.gif
www.redpacketsecurity.com/wp-admin/images/
1 KB
2 KB
Image
General
Full URL
https://www.redpacketsecurity.com/wp-admin/images/loading.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
6d53299eeb9516dbba670ceeb55e8e5ce2186edb71518f6a1bd16553308f17c2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1372
last-modified
Thu, 16 Jan 2020 19:35:16 GMT
server
cloudflare
etag
"5e20baf4-55c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XShsfV9FdfmvN5b7OMcDFbsFzLHfEzHrItOvTGQVOVAEUHagIV4PIYlpD2Yg%2BXB74asS57SxV4CrzS2n2cMtaGVIuQ9M5FQGqaHNCskd55Cpte8Si9JAxnhGUA1L5XqaLPSsp1NULs%2BXVPhgyG7%2Bs5d7wGuWlbE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
accept-ranges
bytes
cf-ray
722efad739959034-FRA
rum
www.redpacketsecurity.com/cdn-cgi/
0
173 B
XHR
General
Full URL
https://www.redpacketsecurity.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.redpacketsecurity.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
722efad739979034-FRA
vary
Origin
css
fonts.googleapis.com/ Frame C5F5
4 KB
621 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=S_Epbvwz&page_url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&origin=https%3A%2F%2Fwww.redpacketsecurity.com&page_title=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&limit=5&color=E22F38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 12:44:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Jun 2022 13:23:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Jun 2022 13:23:59 GMT
bootstrap.min.css
tg.dev/css/ Frame C5F5
42 KB
10 KB
Stylesheet
General
Full URL
https://tg.dev/css/bootstrap.min.css?3
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=S_Epbvwz&page_url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&origin=https%3A%2F%2Fwww.redpacketsecurity.com&page_title=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&limit=5&color=E22F38
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.222.176.10 , United Kingdom, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 17:54:14 GMT
server
nginx/1.18.0
etag
W/"5a05e7c6-a61b"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=345600
expires
Sun, 03 Jul 2022 13:23:59 GMT
bootstrap-extra.css
tg.dev/css/ Frame C5F5
70 KB
13 KB
Stylesheet
General
Full URL
https://tg.dev/css/bootstrap-extra.css?2
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=S_Epbvwz&page_url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&origin=https%3A%2F%2Fwww.redpacketsecurity.com&page_title=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&limit=5&color=E22F38
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.222.176.10 , United Kingdom, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6342d16a93416b5e826f6d0e0e930ef033efb682851ae46270f3c4f5b4a1c194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 17:54:14 GMT
server
nginx/1.18.0
etag
W/"5a05e7c6-11648"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=345600
expires
Sun, 03 Jul 2022 13:23:59 GMT
widget-frame.css
tg.dev/css/ Frame C5F5
83 KB
22 KB
Stylesheet
General
Full URL
https://tg.dev/css/widget-frame.css?59
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=S_Epbvwz&page_url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&origin=https%3A%2F%2Fwww.redpacketsecurity.com&page_title=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&limit=5&color=E22F38
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.222.176.10 , United Kingdom, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
37e87643d88538a3667dd0cf9aded067e0a52bc47e4b3a901a5c3c0a3b3a453b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
last-modified
Fri, 18 Mar 2022 10:32:52 GMT
server
nginx/1.18.0
etag
W/"62345fd4-14ddc"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=345600
expires
Sun, 03 Jul 2022 13:23:59 GMT
comments.css
comments.app/css/ Frame C5F5
83 KB
20 KB
Stylesheet
General
Full URL
https://comments.app/css/comments.css?31
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=S_Epbvwz&page_url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&origin=https%3A%2F%2Fwww.redpacketsecurity.com&page_title=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&limit=5&color=E22F38
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e450af4a7c4974ea3ff324b629876380e0ca9605333a57152a953310c4a4661a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comments.app/embed/view?website=S_Epbvwz&page_url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&origin=https%3A%2F%2Fwww.redpacketsecurity.com&page_title=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&limit=5&color=E22F38
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
last-modified
Fri, 24 Jul 2020 12:57:13 GMT
server
nginx/1.20.1
etag
W/"5f1adaa9-14b98"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
jquery.min.js
tg.dev/js/ Frame C5F5
94 KB
38 KB
Script
General
Full URL
https://tg.dev/js/jquery.min.js
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=S_Epbvwz&page_url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&origin=https%3A%2F%2Fwww.redpacketsecurity.com&page_title=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&limit=5&color=E22F38
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.222.176.10 , United Kingdom, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 17:54:14 GMT
server
nginx/1.18.0
etag
W/"5a05e7c6-1762a"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=345600
expires
Sun, 03 Jul 2022 13:23:59 GMT
jquery-ui.min.js
tg.dev/js/ Frame C5F5
96 KB
32 KB
Script
General
Full URL
https://tg.dev/js/jquery-ui.min.js
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=S_Epbvwz&page_url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&origin=https%3A%2F%2Fwww.redpacketsecurity.com&page_title=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&limit=5&color=E22F38
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.222.176.10 , United Kingdom, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 17:54:14 GMT
server
nginx/1.18.0
etag
W/"5a05e7c6-181a9"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=345600
expires
Sun, 03 Jul 2022 13:23:59 GMT
bootstrap.min.js
tg.dev/js/ Frame C5F5
31 KB
10 KB
Script
General
Full URL
https://tg.dev/js/bootstrap.min.js
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=S_Epbvwz&page_url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&origin=https%3A%2F%2Fwww.redpacketsecurity.com&page_title=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&limit=5&color=E22F38
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.222.176.10 , United Kingdom, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b5e930df6a2976d5df996e18b347e091756699ea32716dc53d0e1c0fd814c526
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 17:54:14 GMT
server
nginx/1.18.0
etag
W/"5a05e7c6-7d0d"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=345600
expires
Sun, 03 Jul 2022 13:23:59 GMT
main-aj.js
tg.dev/js/ Frame C5F5
34 KB
10 KB
Script
General
Full URL
https://tg.dev/js/main-aj.js?58
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=S_Epbvwz&page_url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&origin=https%3A%2F%2Fwww.redpacketsecurity.com&page_title=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&limit=5&color=E22F38
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.222.176.10 , United Kingdom, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e28b35a3da8773aebff732255cd50f4693c5bc2b6906f7a0d2b9f76060d0a2e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
last-modified
Fri, 03 Jun 2022 13:37:51 GMT
server
nginx/1.18.0
etag
W/"629a0eaf-88ea"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=345600
expires
Sun, 03 Jul 2022 13:23:59 GMT
tgsticker.js
tg.dev/js/ Frame C5F5
14 KB
4 KB
Script
General
Full URL
https://tg.dev/js/tgsticker.js?27
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=S_Epbvwz&page_url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&origin=https%3A%2F%2Fwww.redpacketsecurity.com&page_title=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&limit=5&color=E22F38
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.222.176.10 , United Kingdom, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
8ba64ea38909392d4cabab89c686db48a38780d9a9efa30d8cc20980c21f7946
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
last-modified
Sat, 09 Apr 2022 12:24:06 GMT
server
nginx/1.18.0
etag
W/"62517ae6-38ec"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=345600
expires
Sun, 03 Jul 2022 13:23:59 GMT
telegram-widget.js
oauth.tg.dev/js/ Frame C5F5
19 KB
6 KB
Script
General
Full URL
https://oauth.tg.dev/js/telegram-widget.js?19
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=S_Epbvwz&page_url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&origin=https%3A%2F%2Fwww.redpacketsecurity.com&page_title=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&limit=5&color=E22F38
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.222.176.10 , United Kingdom, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
60c62e0e44a2b4a1116d28f8a69f20c108cc84b5c173060d134a6ec083e12240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
last-modified
Thu, 14 Apr 2022 10:47:14 GMT
server
nginx/1.18.0
etag
W/"6257fbb2-4a0b"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=345600
expires
Sun, 03 Jul 2022 13:23:59 GMT
widget-frame.js
tg.dev/js/ Frame C5F5
84 KB
23 KB
Script
General
Full URL
https://tg.dev/js/widget-frame.js?56
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=S_Epbvwz&page_url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&origin=https%3A%2F%2Fwww.redpacketsecurity.com&page_title=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&limit=5&color=E22F38
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.222.176.10 , United Kingdom, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
333995c0787761614afd94b2c38133bcfc513b40caa1e2708e65a8ff89e707c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comments.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
last-modified
Thu, 23 Dec 2021 02:02:36 GMT
server
nginx/1.18.0
etag
W/"61c3d8bc-14ff3"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
cache-control
max-age=345600
expires
Sun, 03 Jul 2022 13:23:59 GMT
comments.js
comments.app/js/ Frame C5F5
81 KB
22 KB
Script
General
Full URL
https://comments.app/js/comments.js?35
Requested by
Host: comments.app
URL: https://comments.app/embed/view?website=S_Epbvwz&page_url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&origin=https%3A%2F%2Fwww.redpacketsecurity.com&page_title=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&limit=5&color=E22F38
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
aa441bf5f2ac8c608371513bad73ea45ad6dc8b7c50e3c6841af81147d0b96ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comments.app/embed/view?website=S_Epbvwz&page_url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&origin=https%3A%2F%2Fwww.redpacketsecurity.com&page_title=Black%20Basta%20Ransomware%20Victim%3A%20New%20Peoples%20Bank%20-%20RedPacket%20Security&limit=5&color=E22F38
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
last-modified
Tue, 17 Nov 2020 20:59:36 GMT
server
nginx/1.20.1
etag
W/"5fb439b8-142f4"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
722efaccda519107
www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/cv/result/
2 B
740 B
XHR
General
Full URL
https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/cv/result/722efaccda519107
Requested by
Host: www.redpacketsecurity.com
URL: https://www.redpacketsecurity.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1656504000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEKr8fDftkKXSmkuxvJPucOSpuCimDN%2B0mPc%2BBw8a%2FiCgoP2KH74g8eNkcmGo5Ethde4jd9XC8FeIcEprlv2oke1QRXx3Ad3F26UI0ZjNiie%2BoCKJsbY6mOyYRvciNdo%2BgMbmpcP5Qv%2Bs4c8fcoc2TAQjxCel3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
722efad92c5a9034-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cookie.js
partner.googleadservices.com/gampad/
225 B
655 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.redpacketsecurity.com&callback=_gfp_s_&client=ca-pub-1536334219562771
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1536334219562771&plah=www.redpacketsecurity.com&bust=31068232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
52bbb80de38a831973b2eef5325fa01354cae1a031376ded2f93b2a1de53fa94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
211
x-xss-protection
0
truncated
/ Frame C5F5
694 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76216b6c25b768e5bee4b758dacfef993b3e87cc2d7fd9bf192bd685d1ae9bfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C5F5
706 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b28d8e93ecf9067ff746e514c79ad5adc53cc00965630bfe0b118cf80f7bf065

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C5F5
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://comments.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 12:56:05 GMT
x-content-type-options
nosniff
age
174474
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Jun 2023 12:56:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C5F5
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://comments.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 19:07:55 GMT
x-content-type-options
nosniff
age
152164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Jun 2023 19:07:55 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.redpacketsecurity.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1536334219562771&plah=www.redpacketsecurity.com&bust=31068232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.redpacketsecurity.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1536334219562771&plah=www.redpacketsecurity.com&bust=31068232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&tn=DIV&id=cookie-notice&cls=cookie-revoke-hidden%20cn-position-bottom%20cn-effect-fade%20cn-animated%20cookie-notice-visible&ign=false&pw=1600&ph=1200&x=1575&y=1175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:23:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B6BF
42 KB
6 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&adk=1812271804&adf=3025194257&lmt=1656500643&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039165&bpp=3&bdt=902&idt=385&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8545601013669&frm=20&pv=2&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=405
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1536334219562771&plah=www.redpacketsecurity.com&bust=31068232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fdfb2304fc4b4ce74cdc70e83a8d62bdd46b3bfd0a69abea17fe490faec746c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.redpacketsecurity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
5822
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 13:23:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220623&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1536334219562771&plah=www.redpacketsecurity.com&bust=31068232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
898bb33c4d697683d384a3ac69acba30a8eaefb8591c54bb287a3eb445dc0278
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10616
x-xss-protection
0
css2
fonts.googleapis.com/ Frame C5F5
112 KB
29 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=M+PLUS+Rounded+1c:wght@700&display=swap
Requested by
Host: tg.dev
URL: https://tg.dev/css/widget-frame.css?59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1c5e16c3abc728ef3c7eb1ff66fc5b15f08232156bae6493e37becbd1b2f01d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tg.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 12:42:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Jun 2022 13:23:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Jun 2022 13:23:59 GMT
PATREON-SQUARE-300x300.jpg
www.redpacketsecurity.com/wp-content/uploads/2021/05/
18 KB
19 KB
Image
General
Full URL
https://www.redpacketsecurity.com/wp-content/uploads/2021/05/PATREON-SQUARE-300x300.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2c6c5fa1a182530d794b033ee34f4a2d9e0b12db9ca65d696d79c6862f63a801
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5781
x-powered-by
PleskLin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18596
last-modified
Wed, 12 May 2021 10:31:12 GMT
server
cloudflare
etag
"609bae70-4af9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ei3kBULg8t4EaSvDQUR0JsyptNbXa40AXQ7%2FaT4ndQYfbzJpxrWZF6nY62iXMIUbT2QPwpcIAOf6ScGz3uKqHd0kjFHsvswow3sL6VG1T7Wu9jg0XpQnSQxIWzvN8dHeNKH0ZjbUiEcB%2FmwlG9rNzHkKnEAUBT8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=43200
cf-polished
origSize=19193, status=webp_bigger
accept-ranges
bytes
cf-ray
722efad98cc19034-FRA
cf-bgj
imgq:100,h2pri
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1536334219562771&plah=www.redpacketsecurity.com&bust=31068232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Jun 2022 13:23:59 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.redpacketsecurity.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1536334219562771&plah=www.redpacketsecurity.com&bust=31068232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.redpacketsecurity.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1536334219562771&plah=www.redpacketsecurity.com&bust=31068232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Jun 2022 13:23:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0938
436 B
232 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=401700074&adf=3899895289&pi=t.aa~a.1129142743~i.8~rp.1&w=1038&fwrn=4&fwrnh=100&lmt=1656500643&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6266461316&psa=0&ad_type=text_image&format=1038x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rh=200&rw=1037&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=3&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0&nras=2&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=90&ady=1541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=V9qQDhEz1r&p=https%3A//www.redpacketsecurity.com&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1536334219562771&plah=www.redpacketsecurity.com&bust=31068232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a3557561f3fca1c3bab36778cfeb2a9990aa86a23e50d64216f1f1a46adb571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.redpacketsecurity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 13:24:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6E76
91 KB
33 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1536334219562771&plah=www.redpacketsecurity.com&bust=31068232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab9923ddf87ea918721ca60169271da941bbdc98c55793246a8b3c1dd4cc25cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.redpacketsecurity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
33540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 13:24:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3129
65 KB
22 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1536334219562771&plah=www.redpacketsecurity.com&bust=31068232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
019dbff595e10442fcdc74c8cba3419c88100517861d3bca0ab49164a1338448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.redpacketsecurity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
22175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 13:24:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5CDA
96 KB
34 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1536334219562771&plah=www.redpacketsecurity.com&bust=31068232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43124dcb89fbed91eb7ab07811071065ae32e74a4f682bc11a2654c826220007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.redpacketsecurity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
34348
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 13:24:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3FF1
95 KB
33 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1536334219562771&plah=www.redpacketsecurity.com&bust=31068232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a813f571283df3b4c18c535c9f408ae4897bf5e4d46faa8adeee189d8f732672
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.redpacketsecurity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
33999
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 13:24:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D9C8
73 KB
24 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1536334219562771&plah=www.redpacketsecurity.com&bust=31068232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
342125f8b526a75dd8ed829225c6a23af06249bf360efc2962c340cacd3fe517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.redpacketsecurity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
24467
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 13:24:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3741
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.redpacketsecurity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 13:14:13 GMT
expires
Thu, 29 Jun 2023 13:14:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 43EC
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ed975bb9abdeeb1bbfdbade21b8fda090b77d786cc2fa4c6b4577ffc33530d5d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pNtPH-9KJWM8v_0xAiBeQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.redpacketsecurity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-pNtPH-9KJWM8v_0xAiBeQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 13:23:59 GMT
expires
Wed, 29 Jun 2022 13:23:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 43EC
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220623&jk=506695731728135&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ViAmyRY-LKGlXGI_ktt9sOy-HRzFpgmS9L9D6qSMV6s.js
pagead2.googlesyndication.com/bg/ Frame 3741
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ViAmyRY-LKGlXGI_ktt9sOy-HRzFpgmS9L9D6qSMV6s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
562026c9163e2ca1a55c623f92db7db0ecbe1d1cc5a60992f4bf43eaa48c57ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 11:45:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
5900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13935
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 11:45:40 GMT
generate_204
tpc.googlesyndication.com/ Frame 3741
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?dKswbg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
Digital-Patreon-Wordmark_FieryCoralv2-1024x209.png
www.redpacketsecurity.com/wp-content/uploads/2021/01/
9 KB
9 KB
Image
General
Full URL
https://www.redpacketsecurity.com/wp-content/uploads/2021/01/Digital-Patreon-Wordmark_FieryCoralv2-1024x209.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
798519ce47ff93dbb094e3bb3ee857bea4dfd1dfaa919bd0f3ea2a91479bec9e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:00 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
181
x-powered-by
PleskLin
content-disposition
inline; filename="Digital-Patreon-Wordmark_FieryCoralv2-1024x209.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8722
last-modified
Sun, 03 Jan 2021 14:16:16 GMT
server
cloudflare
etag
"5ff1d1b0-3eab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKBKRgs3PCCQIk6jZxrcoc6RUodLANgrOkL85dr3PVzOHZ4VzhJm9rHZkBL64KvHfpzu1h2ZGzmXpHXu2DVIAFVY94Q6mjIxDvnTDFcPqinkAdfdSTaXQkAs6HoakP5RsBab4Ke2DwZfzenrqvAkEQggKYLXaR4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=43200
cf-polished
origFmt=png, origSize=16043
accept-ranges
bytes
cf-ray
722efadeecd89034-FRA
cf-bgj
imgq:100,h2pri
fa287546e1d5bd0678894d5c227e456c.js
www.gstatic.com/mysidia/ Frame D9C8
10 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 09:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4351
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 00:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 09:05:41 GMT
db2e47a9a3671f527cf86ca9ac22fc67.js
www.gstatic.com/mysidia/ Frame D9C8
10 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/db2e47a9a3671f527cf86ca9ac22fc67.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3fbe67fed994d974916f80939f43e83889b033b3a565f349f26255620037a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 09:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4277
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 00:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 09:05:41 GMT
css
fonts.googleapis.com/ Frame D9C8
8 KB
893 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 12:44:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Jun 2022 13:24:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Jun 2022 13:24:00 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame D9C8
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:19:50 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/ Frame D9C8
21 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:18:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame D9C8
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:20:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame D9C8
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
637
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:13:23 GMT
l
www.google.com/ads/measurement/ Frame D9C8
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQakXVrzo2VeaH9ziCWIKSf5mYjT15KOT8qzNTZWFQWJoZB9SaRMzJND8yEAyrW2tKYoSpyOxy51SDi0Lu1utG0oC9idQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D9C8
138 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Jun 2022 13:24:00 GMT
21b2dfe42abab24529e209ac1efa07c6.js
www.gstatic.com/mysidia/ Frame D9C8
31 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 07:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13060
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 20:43:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 07:02:55 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/11800230475030986862/ Frame D9C8
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11800230475030986862/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c46e975fc3535ada808fc824ed124688634e1eca90f8e5fbd18a821e9e80068f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 12:55:51 GMT
x-content-type-options
nosniff
age
88089
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1730
x-xss-protection
0
last-modified
Thu, 20 Dec 2018 14:42:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Jun 2023 12:55:51 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D9C8
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CAYU7b1K8YpqzPLaezLUPiNG0kAG3kvCDYrDapcPODsPSiKKUGhABILWvoCdglZqagqwHoAGV9vDeA8gBAakCpTX3jFCjsT6oAwGqBI0CT9ADU_iI7HBSbsEqqVrdBkANN2G2DhfsiOWkLjDiOYmX8fCMWQLtCj4ztWppO2lbwoLtQcQgFy5szQ243E9j8ly1ThJAHJ6hI5mXs4fnPzHeCUpYV7RhABonKyKBv6OcIKGS0FkPFM9yrp4IeJZPrQ-2Ucb7lr3YhwLJXfQK5tLaMHxkGzP5t2Lzi-hbgYOJk8KSOCHKdJvzWf4RZkOew3Q7sOBjhGLtyHjONxlfMGCQxCbbF0AAiGXeEGSgr64Fnmlyb8n4sqlAL7a5nDZ_yDjH5TVpTYLQQbQ625_3ZYQjacZNABT22zS-iY3897GHWs5410PZIN0LoeCRpA14zFKg5X-k87aidHeQ5InABM_0yOPyAZIFBAgEGAGSBQQIBRgEgAfTiY8hqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQ7UDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi0xNTM2MzM0MjE5NTYyNzcxGAA&sigh=RJwfoWTNqFg&uach_m=[UACH]&template_id=5001
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 29 Jun 2022 13:24:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5C4A
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1994
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 12:50:46 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D29F
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27016
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 30 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D9C8
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e11a59dd88d8cb969b8297e9e6e2cdd1012edaa60435e3c8330d90529af863cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 3129
8 KB
893 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 12:44:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Jun 2022 13:24:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Jun 2022 13:24:00 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 3129
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:19:50 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/ Frame 3129
21 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:18:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 3129
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:20:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 3129
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
637
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:13:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3129
138 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Jun 2022 13:24:00 GMT
21b2dfe42abab24529e209ac1efa07c6.js
www.gstatic.com/mysidia/ Frame 3129
31 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 07:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13060
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 20:43:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 07:02:55 GMT
/
track.seadform.net/adfserve/ Frame 3129
35 B
0
Fetch
General
Full URL
https://track.seadform.net/adfserve/?bn=54461400;1x1inv=1;srctype=3;ord=3371293618
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
adview
googleads.g.doubleclick.net/pagead/ Frame 3129
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZbOrb1K8YqrqO4bB0_wP4Nuk-Am3yqnjaua4p870D7ivyKT-LxABILWvoCdglZqagqwHoAHI5NeKA8gBAakC8k2SO72ksT6oAwGqBJECT9Atq6wYFYTONzJ2CX_-6Us1vvgAtuzqGWKIDvA8n3Hr1PrT7l3O8JUhRCp5e5JTH78xEu3sPI5uqsQmFBi4nyssIGMormr2MEqPhKNHKlC7MuQjCyVE7E8e0wwW5pNvaZsMZoUS_wEpdUvyS4Ye6QAJ9u10R6ThLxj8hTqaTE_gFm2nf09a5wgyZePMYA23D1iWrZ9bMNoZ6uAfg8ucvADJxqsQgVxHZ-QRX6iNcCl4prIv8h2DuOtM-3QsTg7RKfD_ArqBwMO8Mnlbfk6lzZTr08WH9C4k8Gdd5GiaD7Mpds4ztfV8Ok1vKKx4HbAWPV6gR2SdEs6lFi4g4Mi1HQgvCVeDIwb0uKuTC5OPxF1gwATbgJydjQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHoJuodagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENm7AdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTE1MzYzMzQyMTk1NjI3NzEYAA&sigh=hcHWT3rNpro&uach_m=[UACH]&template_id=5007
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 29 Jun 2022 13:24:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/5433359793388361045/ Frame 3129
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5433359793388361045/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7147639902c3336843e877d3245dc6adc61ffca9b8aa61ab591b50491e13c9cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 14:16:58 GMT
x-content-type-options
nosniff
age
601622
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
last-modified
Fri, 24 Sep 2021 12:26:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 22 Jun 2023 14:16:58 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/8144808980298310868/ Frame 3129
967 B
994 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8144808980298310868/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b280d1cc19c24e39b526105b152d8458a53f9ac9a338d40daca2c7bed1c90034
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 11:37:02 GMT
x-content-type-options
nosniff
age
6418
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
967
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 16:03:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Jun 2023 11:37:02 GMT
dpixel
cms.quantserve.com/ Frame D29F
35 B
462 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJBdCjHWMPPJM6f4gBGC0Go&google_cver=1&google_push=ARnp8GCTSnQW0R3Y0C6Dikpke3pL6AhlERohAhkF6pu6Bnjzdk6EpxpPl89AP_Qvjs7tGGt2RRZXDJY12g64qWkpKb_J7_IA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D29F
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEJo_LOFA_6oW7ZGCUvk5lr0&google_cver=1&google_push=ARnp8GBP4NzpIufufHhR1ucO5YhjGxxhktXxyTO-jQpvvaVnZyeGUoNVHfoNDLOY0rEl2e8_hsZU30HRoe1x-OyMKgdzldxb
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GBP4NzpIufufHhR1ucO5YhjGxxhktXxyTO-jQpvvaVnZyeGUoNVHfoNDLOY0rEl2e8_hsZU30HRoe1x-OyMKgdzldxb&google_hm=Q0FFU0VKb19MT0ZBXzZvVzdaR...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GBP4NzpIufufHhR1ucO5YhjGxxhktXxyTO-jQpvvaVnZyeGUoNVHfoNDLOY0rEl2e8_hsZU30HRoe1x-OyMKgdzldxb&google_hm=Q0FFU0VKb19MT0ZBXzZvVzdaR0NVdms1bHIw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Jun 2022 13:23:59 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GBP4NzpIufufHhR1ucO5YhjGxxhktXxyTO-jQpvvaVnZyeGUoNVHfoNDLOY0rEl2e8_hsZU30HRoe1x-OyMKgdzldxb&google_hm=Q0FFU0VKb19MT0ZBXzZvVzdaR0NVdms1bHIw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D29F
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GCmDfg2...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GCmDfg2...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjkxMzI0MDEwMDA2OTQ2MjYzODE5Mg%3D%3D&google_push=ARnp8GCmDfg2STzNTPqbE7dCdu2arkxVhEjMhTphsQBHvuJva5TzarQYqzM7jrWZDz56ZZ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjkxMzI0MDEwMDA2OTQ2MjYzODE5Mg%3D%3D&google_push=ARnp8GCmDfg2STzNTPqbE7dCdu2arkxVhEjMhTphsQBHvuJva5TzarQYqzM7jrWZDz56ZZKiAQX0pj1xLGLI9cgqPPbVK2DJ3A
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjkxMzI0MDEwMDA2OTQ2MjYzODE5Mg%3D%3D&google_push=ARnp8GCmDfg2STzNTPqbE7dCdu2arkxVhEjMhTphsQBHvuJva5TzarQYqzM7jrWZDz56ZZKiAQX0pj1xLGLI9cgqPPbVK2DJ3A
pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Wed, 29 Jun 2022 13:24:01 GMT
dds
rtb.openx.net/sync/ Frame D29F
43 B
134 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMmriXffsUqwkC_ZHZYKibE&google_cver=1&google_push=ARnp8GBEdw1MBb88vFtJMIhYr3T7loD6pa1NOQ4wXKSbSKIDIVFc0iaIXjNbsXNZ-fEQiroI2hWJ4J7bRVqukxbvTKF8CPxlbQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:00 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
o6ligs92t62716tenlpdhco2emm9nl14
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D29F
0
41 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKz49wHjuWyUJOSOhqWiWDk&google_cver=1&google_push=ARnp8GAtgjWIoM4op0fvxsDQCZHpb-Q092V5LCCapbPSp_IQQgErRYwif7gsWyg3FBq6qR2IZ9iKsajWNCwH1i-KXYZvQCdG4Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D29F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMTrQVCe8oUW4Of8YryJf6E&google_cver=1&google_push=ARnp8GA_cvbV35btVhUHuXMcC9tAFsyFQmA8ccKrCWtnJLpx6ZrQvW4I10Jiz8akGmFEI5-rJhi...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPNjUtMVQtS0pCUg==&google_push=ARnp8GA_cvbV35btVhUHuXMcC9tAFsyFQmA8ccKrCWtnJLpx6ZrQvW4I10Jiz8akGmFEI5-rJhiPdd9WgZ7vfKo5Op6G4SF7CA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPNjUtMVQtS0pCUg==&google_push=ARnp8GA_cvbV35btVhUHuXMcC9tAFsyFQmA8ccKrCWtnJLpx6ZrQvW4I10Jiz8akGmFEI5-rJhiPdd9WgZ7vfKo5Op6G4SF7CA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPNjUtMVQtS0pCUg==&google_push=ARnp8GA_cvbV35btVhUHuXMcC9tAFsyFQmA8ccKrCWtnJLpx6ZrQvW4I10Jiz8akGmFEI5-rJhiPdd9WgZ7vfKo5Op6G4SF7CA
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame D29F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_push=AR...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_hm=YrxScJlrvAQ-InTecn1jUwAABKAAAAAB&google_nid=index&google_push=ARnp8GBYUPWF6RqF-hrsUZJD2lXSpoqjTwuNz...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_hm=YrxScJlrvAQ-InTecn1jUwAABKAAAAAB&google_nid=index&google_push=ARnp8GBYUPWF6RqF-hrsUZJD2lXSpoqjTwuNzAJKoX0mT_Bw7QynsJKvKSDO9nv8a4Q0aUWC5h-twnwboPu0GgFworLtVXl6FQ
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mgl6EKagcIoTE8tjaX5dhnH%2F0Owhqd%2BeSFbQvvlP2tLpqUPGA774KSryWGEUIuW9J9kmYSpqXVzbMFtA8GR1SyAV2q0ieXBGqjEBp71kzNJSw879mjLkL7%2BuIwLrrb8sSUU3gEAw2OL%2BZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_hm=YrxScJlrvAQ-InTecn1jUwAABKAAAAAB&google_nid=index&google_push=ARnp8GBYUPWF6RqF-hrsUZJD2lXSpoqjTwuNzAJKoX0mT_Bw7QynsJKvKSDO9nv8a4Q0aUWC5h-twnwboPu0GgFworLtVXl6FQ
cache-control
no-cache
cf-ray
722efae17bf09960-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame D29F
0
40 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ia_YwWE-suWw5M1BY_tbAmYxre9gzEjNMsg7D5ImRtLA4BjyZCZcFP6gUKywZfWiTpdg_A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5C4A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=90&adk=2234643338&adf=1237150122&pi=t.aa~a.3524117837~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=1200x90&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=1&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280%2C353x280&nras=7&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=lDKDtZwD4x&p=https%3A//www.redpacketsecurity.com&dtd=67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 13:24:00 GMT
expires
Wed, 29 Jun 2022 13:24:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 13:24:00 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8663
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1994
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 12:50:46 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C37E
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27016
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 30 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220623&jk=506695731728135&bg=!WlmlWR3NAAa8IIBmnCA7ACkAdvg8WhQRJpeW_GXD1yX9ZVrxkrle-JyTrkX2tpWChC6S0PJeNjQlRwIAAABIUgAAAAFoAQcKAF35gjO4KaYOs8VEiRKHzucqjV7u4RNZzZaWHjlOAkgLn9S63t_NisUDSWh2XCG0TDPkuxCIO0dF4PSwFQ-fkQ00PD24aP5gLHMr5Qp8T-kiFb1RAHtxmytJCoOH4d-ZAqHnQp61RvSiMyoYHserOY65n37g3P0lukIMXC_aBf6dLsb4lkE1RDShItzvOFMGr-ZD756pZbVI6YITAciiPEpG87dBjH1Zi1LTVE67RpJ3DunXzEx_AQV-bJ1xPtXULgQaaOUpNogOoY1T2gJ0kL-x-Jj9yS4A5B4-TFJH_Q7VI0F7g9iNXT2XrGkqC5Ebp-n_4J0x5cNsv0XSf_Kwxy7NQDv-_OS8eVZgIJNi9BymrO0onot_wJWuIi0ZQ-nGakVgMEXUmz1VJ_-lXwOKdRvUiIfHB_c_fKOgY4JqGprvmG5B5xLUGawIv3NY1ib35KMopD1vidEU3_63lgzJKsYBa_oBF30eQcVfZiRQUfgNF7zons8B25-232nXDqrBwuJ23PicPOCCtojNL969-ES7vdq9be7bL7tb_CtzD2mKm-0gLUOajkytVftiY_hqzZHAxx_y6h3ZjRLl4pF0-c1rtSziYAL8zpIWapgZRHYlch13DJQMJvikbTNT-xUQAEFObQ4PVHnutjLYG6Ku24Df-w7iWZDqAnHjKgpiqAq0nY0EnMYCNUGbUiO-OdK6KvHqE6XmttQGhUlBB5MfU9IxJj8FXnf8NYfVdlhJ5MJ12alsfThqqybJSbwdfCHPM7t51pmuZ2uAWeIn6XB7wmAO3b7tbeiFIl2jsft4Di9iMmb56zBckzK86w-xTJ_73x2m8EYdde9sTAkK_UnioUNgTgdXXfi0psD4jxkR7yqrbStTSxXKzhewfOYL8ETt9BQC5C0IVuYlRceRWHtybhgYFw5X9SQKlRgG_YNc7zGGxVLHiBfJ3KXaUkgv4Xul7MZcy7yjmM5QTiMzcMa_83ZJCo4pdKXdOL5hI7WBYZUO8Ssd8Ffe3Dod5MgU6wlYSxjO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.redpacketsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

truncated
/ Frame 3129
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81f4e3d22360404c617b9a25ee0b9f8e0da0528e16f37e56b6a95e75d30d7036

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame C37E
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJBdCjHWMPPJM6f4gBGC0Go&google_cver=1&google_push=ARnp8GD3bmgYBM3sdvrFC43CxcgZSlZwNr811cQFeTcS0HeHtoc0bKksOo8nSdjItrumitIVPybj3zyn9cmZSf9vBk5-umS-ixA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C37E
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GCBxF1LE9ShBPbtImLghDWNIrnOFUaJ5st29C9...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJ4U2NBQUFCWUczaXpmWA&google_push=ARnp8GCBxF1LE9ShBPbtImLghDWNIrnOFUaJ5st29C9yeAWdreVVTihNuu0yTTZof7O1p69j4w21jcNG3jy3zTO_BuDzhqJll_Bm
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJ4U2NBQUFCWUczaXpmWA&google_push=ARnp8GCBxF1LE9ShBPbtImLghDWNIrnOFUaJ5st29C9yeAWdreVVTihNuu0yTTZof7O1p69j4w21jcNG3jy3zTO_BuDzhqJll_Bm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJ4U2NBQUFCWUczaXpmWA&google_push=ARnp8GCBxF1LE9ShBPbtImLghDWNIrnOFUaJ5st29C9yeAWdreVVTihNuu0yTTZof7O1p69j4w21jcNG3jy3zTO_BuDzhqJll_Bm
Date
Wed, 29 Jun 2022 13:24:00 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
sync
odr.mookie1.com/t/v2/ Frame C37E
43 B
356 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHCE8_SDTaXgcK-bBtGxU_8&google_push=ARnp8GBNQdtlPAZDaj2cVSX0riGw8m0cVCU6NOjm5G3SmnH74r_jP61-XG6TCG9Rzqln9rXKgFrly-DsQrOIJwCdfi2nx_gm0Rs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:00 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame C37E
43 B
350 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMmriXffsUqwkC_ZHZYKibE&google_cver=1&google_push=ARnp8GCLRJ8QUK-VBDfpofwUnu1gWqgrdZs_wYfYzYuuhJ1ndcMybUfu2TsiBW_YqLIqwLCGKJUv43AZu4OCpEIYmtmFxIcXOnNi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:00 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
0soqhu1obrlq10ns2t2ao8oooviuornv
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame C37E
0
166 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKz49wHjuWyUJOSOhqWiWDk&google_cver=1&google_push=ARnp8GAqWeN8fataCt5wh2JqrojLssgkVvkwDJ0UCcSGYWUEyFkArMxaozIt0dhETttyS6yrRNQ945oMQXiF_rW4qlva8z3lfe4F
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C37E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMTrQVCe8oUW4Of8YryJf6E&google_cver=1&google_push=ARnp8GBxGW8PZZqqgCjyrXOb02oSNUxZl3IxQkDVv10Ev1Figby1cavS8QzecgKocjC-8M9MoqQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPN0EtSC1HWFhH&google_push=ARnp8GBxGW8PZZqqgCjyrXOb02oSNUxZl3IxQkDVv10Ev1Figby1cavS8QzecgKocjC-8M9MoqQw1b9xkkJhbZyxUFmXyz5lgvY
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPN0EtSC1HWFhH&google_push=ARnp8GBxGW8PZZqqgCjyrXOb02oSNUxZl3IxQkDVv10Ev1Figby1cavS8QzecgKocjC-8M9MoqQw1b9xkkJhbZyxUFmXyz5lgvY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPN0EtSC1HWFhH&google_push=ARnp8GBxGW8PZZqqgCjyrXOb02oSNUxZl3IxQkDVv10Ev1Figby1cavS8QzecgKocjC-8M9MoqQw1b9xkkJhbZyxUFmXyz5lgvY
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame C37E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_push=AR...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_hm=YrxScJlrvAQ-InTecn1jUwAABKAAAAAB&google_nid=index&google_push=ARnp8GAb2A-WpGCW2P8yCxiZgdmCFnfDx_CzP...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_hm=YrxScJlrvAQ-InTecn1jUwAABKAAAAAB&google_nid=index&google_push=ARnp8GAb2A-WpGCW2P8yCxiZgdmCFnfDx_CzP95WHebrMfZJxIpkaxCb0WHhC6vmDmuHP-Rc4qDzRSENSg05LRNNLfKpWOmI6Fg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awig1b2Fpwz2cz7hDD23A7%2Br1AXTB%2Bw6M4WofJAaJq7w5yJy8I3z6ztgrVNCfvX1PjRyq885Xz0OABTFOZ5Fq%2BSRPPRRKwPotcDm3o8dXQsS%2FhsKqzJRsOZfLmwM1NbbKVVq1Ufum5KlEw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_hm=YrxScJlrvAQ-InTecn1jUwAABKAAAAAB&google_nid=index&google_push=ARnp8GAb2A-WpGCW2P8yCxiZgdmCFnfDx_CzP95WHebrMfZJxIpkaxCb0WHhC6vmDmuHP-Rc4qDzRSENSg05LRNNLfKpWOmI6Fg
cache-control
no-cache
cf-ray
722efae17bf29960-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame C37E
0
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LSszeLe6eOVYbwuxgZrSkzSyViB4OrAWNyGz2qZmM8HCu70XHxMvLOKw8CXh_nNqvRR6zh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8663
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=2405762439&pi=t.aa~a.872345986~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280&nras=4&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1749&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=gTSH63IVYS&p=https%3A//www.redpacketsecurity.com&dtd=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 13:24:00 GMT
expires
Wed, 29 Jun 2022 13:24:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 13:24:00 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 3129
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 20:36:54 GMT
x-content-type-options
nosniff
age
578826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 20:36:54 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame D9C8
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 20:36:54 GMT
x-content-type-options
nosniff
age
578826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 20:36:54 GMT
fa287546e1d5bd0678894d5c227e456c.js
www.gstatic.com/mysidia/ Frame 3FF1
10 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 09:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4351
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 00:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 09:05:41 GMT
db2e47a9a3671f527cf86ca9ac22fc67.js
www.gstatic.com/mysidia/ Frame 3FF1
10 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/db2e47a9a3671f527cf86ca9ac22fc67.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3fbe67fed994d974916f80939f43e83889b033b3a565f349f26255620037a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 09:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4277
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 00:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 09:05:41 GMT
css
fonts.googleapis.com/ Frame 3FF1
8 KB
893 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 12:38:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Jun 2022 13:24:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Jun 2022 13:24:00 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 3FF1
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:19:50 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/ Frame 3FF1
21 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:18:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 3FF1
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:20:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 3FF1
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
637
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:13:23 GMT
l
www.google.com/ads/measurement/ Frame 3FF1
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXDpCKW5545uFR7bgle943H_qY3Rnd70TfDSdvGg7maqUZTgcfdGtJC9Te70i0WaBmiaX21wyzp61-0O0COGXrGx4oAw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3FF1
138 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Jun 2022 13:24:00 GMT
21b2dfe42abab24529e209ac1efa07c6.js
www.gstatic.com/mysidia/ Frame 3FF1
31 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 07:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13060
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 20:43:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 07:02:55 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3FF1
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjLEQb1K8YteQPICXj-8P7YyHeJ6uzqlp2N70vfoPpOfy7ZUCEAEgta-gJ2CVmpqCrAegAfSvpvkDyAEBqQKjOaHmiA-qPqgDAcgDwwSqBJ0CT9BJDNOC6wNhX0PdX-UXbZ80eGleBftD86SXLLB6S8hGVEehzhonzvUEmyQ4QvuHjHUeEq_vxSiP-12TJxMJLalPB-xK1OS1C07obtBRqMOYMD-tHVE_b3nAlF0yxDL-bw-Q6mcNmYZ12Jb2g2Gv84ZN1x8F-q-PRDQNJRF2Pd-G5adXBXcvIx0WxVEaj3xoX3rggx8smDp_2lnxUSyvOrGOuoX9NF7maqVhAwCUcWEVnGwkI8-sfQ5mHFmeziybJLiMaIilOcpEU5EIJxKiF-cgUSIe3jfOYG7VbbZiHnbscA1OOg5S4LrMuQ72HV_CTHISD5o2JSqj3WMyuHAiTW44mzoPMOn7W5XZ7X98xaugReAhf-6KY0GuaKwQwASrkpqr9QOSBQQIBBgBkgUECAUYBKAGUYAH9M_ZBqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIaiAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTE1MzYzMzQyMTk1NjI3NzEYAA&sigh=-EprKcm6q8o&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 29 Jun 2022 13:24:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame D668
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1994
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 12:50:46 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 047F
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27016
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 30 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3FF1
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e4746fd8d4df17e1ac054b21445d7e64ac2f256dabe562f56c145b68f8e4b70

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 047F
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJBdCjHWMPPJM6f4gBGC0Go&google_cver=1&google_push=ARnp8GBXE7u4SeChcjkuqj-fcwb7Vr0srqXfhptgwEgqq4yh7IEjXYisew...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBXE7u4SeChcjkuqj-fcwb7Vr0srqXfhptgwEgqq4yh7IEjXYisewSDNmosEUWSDk_9i713fdgK8LikziURe940d5kjmW8&google_hm=h4YN7soN0COg4...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBXE7u4SeChcjkuqj-fcwb7Vr0srqXfhptgwEgqq4yh7IEjXYisewSDNmosEUWSDk_9i713fdgK8LikziURe940d5kjmW8&google_hm=h4YN7soN0COg411ipe3mvQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBXE7u4SeChcjkuqj-fcwb7Vr0srqXfhptgwEgqq4yh7IEjXYisewSDNmosEUWSDk_9i713fdgK8LikziURe940d5kjmW8&google_hm=h4YN7soN0COg411ipe3mvQ
pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 047F
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GADZM7MzgBN6CWOTcoCcMOFLrZLHqX3CAILV2H...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJ4U2NRQUFCRmJ3em1vSg&google_push=ARnp8GADZM7MzgBN6CWOTcoCcMOFLrZLHqX3CAILV2HQzDFQYolbTzqjmo6gmWqIr1VMe1TYvs97LCLSeFk-lSXMRoq1fcvz0lxQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJ4U2NRQUFCRmJ3em1vSg&google_push=ARnp8GADZM7MzgBN6CWOTcoCcMOFLrZLHqX3CAILV2HQzDFQYolbTzqjmo6gmWqIr1VMe1TYvs97LCLSeFk-lSXMRoq1fcvz0lxQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJ4U2NRQUFCRmJ3em1vSg&google_push=ARnp8GADZM7MzgBN6CWOTcoCcMOFLrZLHqX3CAILV2HQzDFQYolbTzqjmo6gmWqIr1VMe1TYvs97LCLSeFk-lSXMRoq1fcvz0lxQ
Date
Wed, 29 Jun 2022 13:24:01 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 047F
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GCtkzHe...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GCtkzHe...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjkxMzI0MDEwMDAxMjk2MzA3Njc1Mw%3D%3D&google_push=ARnp8GCtkzHedzMmocKr6RNPG9Lktrew_gBSJigYizaf_-x_elEvaXOiGFzdX1V11d4zkH...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjkxMzI0MDEwMDAxMjk2MzA3Njc1Mw%3D%3D&google_push=ARnp8GCtkzHedzMmocKr6RNPG9Lktrew_gBSJigYizaf_-x_elEvaXOiGFzdX1V11d4zkHbNRg-dhmM_UnLSLmyT0QyJu8YP8Ao
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjkxMzI0MDEwMDAxMjk2MzA3Njc1Mw%3D%3D&google_push=ARnp8GCtkzHedzMmocKr6RNPG9Lktrew_gBSJigYizaf_-x_elEvaXOiGFzdX1V11d4zkHbNRg-dhmM_UnLSLmyT0QyJu8YP8Ao
pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Wed, 29 Jun 2022 13:24:01 GMT
dds
rtb.openx.net/sync/ Frame 047F
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMmriXffsUqwkC_ZHZYKibE&google_cver=1&google_push=ARnp8GACeoeY6edfCuD6Gx4tmNtiS6-rOSCeLsMpWAQgkNtyLxLb-hi1j-as5WFjp4mtcKo6-LwhY4Zb9jqBOJKvWoQ4h33UA-Yr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:00 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
cvg227a43f7h8t7bei61upd36smaig06
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 047F
0
41 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKz49wHjuWyUJOSOhqWiWDk&google_cver=1&google_push=ARnp8GDdy4UY70D_fRcJCy7t7QbuAKxTL8VI9D5rhd7FZAPLfzqNGB4PZFOKaibkWCbOL-75isB5zSaPpzITio65YV3ttSSpew
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 047F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMTrQVCe8oUW4Of8YryJf6E&google_cver=1&google_push=ARnp8GDMx0MTPySSx2a9AfBolsMHHFE0urEfSuORj56x5pJG09ZXWfVaKPnkJtOfyo6MObdW0-1...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPQzMtMVQtTEhYTA==&google_push=ARnp8GDMx0MTPySSx2a9AfBolsMHHFE0urEfSuORj56x5pJG09ZXWfVaKPnkJtOfyo6MObdW0-1KAeW2XXcehQVc4Co6tJ8wNjfs
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPQzMtMVQtTEhYTA==&google_push=ARnp8GDMx0MTPySSx2a9AfBolsMHHFE0urEfSuORj56x5pJG09ZXWfVaKPnkJtOfyo6MObdW0-1KAeW2XXcehQVc4Co6tJ8wNjfs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPQzMtMVQtTEhYTA==&google_push=ARnp8GDMx0MTPySSx2a9AfBolsMHHFE0urEfSuORj56x5pJG09ZXWfVaKPnkJtOfyo6MObdW0-1KAeW2XXcehQVc4Co6tJ8wNjfs
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
googleredir
googlecm.hit.gemius.pl/ Frame 047F
0
0

attr
cm.g.doubleclick.net/pixel/ Frame 047F
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LRAxxpnNprnl1naQEGuaJo3y6Z_LchdFqhpjJ5nWZmswc1UgISa29Oyf48nuamklk5ye7vQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame D668
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 13:24:01 GMT
expires
Wed, 29 Jun 2022 13:24:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 13:24:01 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
fa287546e1d5bd0678894d5c227e456c.js
www.gstatic.com/mysidia/ Frame 5CDA
10 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 09:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4351
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 00:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 09:05:41 GMT
db2e47a9a3671f527cf86ca9ac22fc67.js
www.gstatic.com/mysidia/ Frame 5CDA
10 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/db2e47a9a3671f527cf86ca9ac22fc67.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3fbe67fed994d974916f80939f43e83889b033b3a565f349f26255620037a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 09:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4277
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 00:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 09:05:41 GMT
css
fonts.googleapis.com/ Frame 5CDA
8 KB
893 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 12:44:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Jun 2022 13:24:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Jun 2022 13:24:01 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 5CDA
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:19:50 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/ Frame 5CDA
21 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:18:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 5CDA
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
207
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:20:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 5CDA
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
638
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:13:23 GMT
l
www.google.com/ads/measurement/ Frame 5CDA
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8LVC7IVyyYgTa7N2nBg8kqS002tlm23wPJodTksUuxFVh6haP_3r8JN4rOC-I01hBkixuDItddO5rR1sKcGjc4cV_gg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5CDA
138 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Jun 2022 13:24:01 GMT
21b2dfe42abab24529e209ac1efa07c6.js
www.gstatic.com/mysidia/ Frame 5CDA
31 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 07:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13060
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 20:43:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 07:02:55 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5CDA
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cwoa2b1K8Yp2EPJ32zLUPr6OtyAjEjL2Uapqi2NWpD8CNtwEQASC1r6AnYJWamoKsB6ABra6QnwPIAQGoAwHIA8MEqgSOAk_QRbOBf-FiTW5c9i_mrKtm36H3WNM6yHltYALTx9dsun6GmyVrORRISMAUj41eZQa9sDy2o87xmry63uRswpIM1HcH6ylnqOmsBDjQScDlUoCKK9GSGJr3x83pmXBmZCM8jk1KgECgN-7AXQZQgjLfrEf0WVW2GuCmPVf3ycvjFJq3CIVXU2cMQUuLMiZKBJOIJ8YbDA6QT0opGTnzCEZzXWR6wEzS7gjOLrDU3s3sNC8W1X3_YMD1P2GP5Gg7xrBy_0NNp3FMv5Mf3UXWkW-8OVrk_gP3V_eYTNQMQbUuc8fJ8jBNLf5WTS0Ms-622ZmT6r9K0bgtC8U8gjrV8DYbYOM_q66Ia3a9EuPlfcAE1oHyyO4DkgUECAQYAZIFBAgFGASgBmaAB7vR72CoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDorALSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xNTM2MzM0MjE5NTYyNzcxGAA&sigh=1gZ3s6TfMGA&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 29 Jun 2022 13:24:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 3FF1
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 20:36:54 GMT
x-content-type-options
nosniff
age
578827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 20:36:54 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame AFEC
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1995
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 12:50:46 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A801
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27017
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 30 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5CDA
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
700fc2b4f089fb56eec6028fec52d52c2cc1d4b3186faaafb9e19c0f501c1e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame A801
35 B
210 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJBdCjHWMPPJM6f4gBGC0Go&google_cver=1&google_push=ARnp8GAJoLL3ArNkbDkMEGo8DxxqFS0uloJ3dexQY_rm5smDpRMlaMkxI390pVCy_dQlV3AZcs5JebY1eoliL7JmDJVCV14KV3e6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A801
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GBF3cEnCp5IzXMgC5KDe_DAce_c26-mj1EzvE8...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJ4U2NRQUFCUkVtWTF0Rg&google_push=ARnp8GBF3cEnCp5IzXMgC5KDe_DAce_c26-mj1EzvE8Pg11M5XlGc5rgW-Q0Vj8HbctcHGFRB82Zwb8cWq1ndJcbrUEUvHN5TIB3
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJ4U2NRQUFCUkVtWTF0Rg&google_push=ARnp8GBF3cEnCp5IzXMgC5KDe_DAce_c26-mj1EzvE8Pg11M5XlGc5rgW-Q0Vj8HbctcHGFRB82Zwb8cWq1ndJcbrUEUvHN5TIB3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJ4U2NRQUFCUkVtWTF0Rg&google_push=ARnp8GBF3cEnCp5IzXMgC5KDe_DAce_c26-mj1EzvE8Pg11M5XlGc5rgW-Q0Vj8HbctcHGFRB82Zwb8cWq1ndJcbrUEUvHN5TIB3
Date
Wed, 29 Jun 2022 13:24:01 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame A801
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAopUh-...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjkxMzI0MDEwMDAxNjE0NDI1MTM5OQ%3D%3D&google_push=ARnp8GAopUh-0oDaBJgdVO_8_BMh3kdRiaQRxM6k3iuOVZbOn9h9YVdxrUVL2MyfGkmGDh...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjkxMzI0MDEwMDAxNjE0NDI1MTM5OQ%3D%3D&google_push=ARnp8GAopUh-0oDaBJgdVO_8_BMh3kdRiaQRxM6k3iuOVZbOn9h9YVdxrUVL2MyfGkmGDhaSl6ICF8AVyolVKYyBDC7rRulNdwvg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjkxMzI0MDEwMDAxNjE0NDI1MTM5OQ%3D%3D&google_push=ARnp8GAopUh-0oDaBJgdVO_8_BMh3kdRiaQRxM6k3iuOVZbOn9h9YVdxrUVL2MyfGkmGDhaSl6ICF8AVyolVKYyBDC7rRulNdwvg
pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Wed, 29 Jun 2022 13:24:01 GMT
dds
rtb.openx.net/sync/ Frame A801
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMmriXffsUqwkC_ZHZYKibE&google_cver=1&google_push=ARnp8GBTxVCTf9s9_hALJqEyGfydpZ34-3724U85pIg2qskrD8kNLv2SwP40wppSxlhA1bqJliWjZNms7PXS1TldKqhoA4YKfUfM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:00 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
qp0v54he0fdqh1voh8l21edscblv4f86
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame A801
0
41 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKz49wHjuWyUJOSOhqWiWDk&google_cver=1&google_push=ARnp8GCy225fiOyhka-ucfMRkHlrLN9TgZBZqwk-TAcj8zw6p0hReqDK_qfY0ZU0Wj6BlgGoENvwovlzdrk3C8lQToPakUiNBHr3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame A801
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMTrQVCe8oUW4Of8YryJf6E&google_cver=1&google_push=ARnp8GAqP2n4GY-Eey8zcCuKezjmF33ROxGU2A8iu4gEi3Y7f-DajQF1bY1aStMXDjOB_xGE59f...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPSFQtUS00Vjc3&google_push=ARnp8GAqP2n4GY-Eey8zcCuKezjmF33ROxGU2A8iu4gEi3Y7f-DajQF1bY1aStMXDjOB_xGE59foxKd8ZPROezkH0kMNIV6znJyn
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPSFQtUS00Vjc3&google_push=ARnp8GAqP2n4GY-Eey8zcCuKezjmF33ROxGU2A8iu4gEi3Y7f-DajQF1bY1aStMXDjOB_xGE59foxKd8ZPROezkH0kMNIV6znJyn
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPSFQtUS00Vjc3&google_push=ARnp8GAqP2n4GY-Eey8zcCuKezjmF33ROxGU2A8iu4gEi3Y7f-DajQF1bY1aStMXDjOB_xGE59foxKd8ZPROezkH0kMNIV6znJyn
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame A801
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_hm=YrxScJlrvAQ-InTecn1jUwAABKAAAAAB&google_nid=index&google_push=ARnp8GBT1FFLz6BonakW8bCh4B6WgVs_ji5uD...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_hm=YrxScJlrvAQ-InTecn1jUwAABKAAAAAB&google_nid=index&google_push=ARnp8GBT1FFLz6BonakW8bCh4B6WgVs_ji5uDjJI0zpZtDsLDdhdDIMlDT3OICXRda4EfD9BGPJSQlYSXh3ClnN3ehPjweP4uIWB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEDK1Ca1hohzYo%2Bw7VlzkIaY6po4Dnh7dxK9KFXx4U%2FWIQMKb%2BVb35jvTZxebRDpibe0jQQQ1k%2B1npxErBbPveYXC%2FmAayjGrl2S2n3Wdp7FBDjEAaW9nDPXdmd0v5MFsNy3ZKxFkw8H7w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_hm=YrxScJlrvAQ-InTecn1jUwAABKAAAAAB&google_nid=index&google_push=ARnp8GBT1FFLz6BonakW8bCh4B6WgVs_ji5uDjJI0zpZtDsLDdhdDIMlDT3OICXRda4EfD9BGPJSQlYSXh3ClnN3ehPjweP4uIWB
cache-control
no-cache
cf-ray
722efae39fcf9960-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame A801
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I5Rxo8SBfA1rxI7hYfTvix0Tm3ao_it2j4wa7nw2GAxJSAxbnNQ2ZdTkadNSpZes9aMNly
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 5CDA
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 20:36:54 GMT
x-content-type-options
nosniff
age
578827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 20:36:54 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame AFEC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 13:24:01 GMT
expires
Wed, 29 Jun 2022 13:24:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 13:24:01 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
ViAmyRY-LKGlXGI_ktt9sOy-HRzFpgmS9L9D6qSMV6s.js
pagead2.googlesyndication.com/bg/ Frame 394D
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ViAmyRY-LKGlXGI_ktt9sOy-HRzFpgmS9L9D6qSMV6s.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=944551752&pi=t.aa~a.429328830~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280%2C353x280&nras=6&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=3199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=dPz8Ehne74&p=https%3A//www.redpacketsecurity.com&dtd=64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
562026c9163e2ca1a55c623f92db7db0ecbe1d1cc5a60992f4bf43eaa48c57ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 11:45:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
5901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13935
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 11:45:40 GMT
fa287546e1d5bd0678894d5c227e456c.js
www.gstatic.com/mysidia/ Frame 6E76
10 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 09:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4351
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 00:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 09:05:41 GMT
db2e47a9a3671f527cf86ca9ac22fc67.js
www.gstatic.com/mysidia/ Frame 6E76
10 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/db2e47a9a3671f527cf86ca9ac22fc67.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3fbe67fed994d974916f80939f43e83889b033b3a565f349f26255620037a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 09:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4277
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 00:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Sep 2022 09:05:41 GMT
css
fonts.googleapis.com/ Frame 6E76
8 KB
893 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 12:40:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Jun 2022 13:24:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Jun 2022 13:24:01 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 6E76
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:19:50 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/ Frame 6E76
21 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:18:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 6E76
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
207
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:20:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 6E76
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
638
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 13:13:23 GMT
l
www.google.com/ads/measurement/ Frame 6E76
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTudmwCmOPOT3T54tc3Yw1u09G7q07fnOsiScNkG2MNO8gcvgWKrEt2LADPRklDeW6U6IFyJh2TJFOGDK_P6E7tqVCrcg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6E76
138 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Jun 2022 13:24:01 GMT
21b2dfe42abab24529e209ac1efa07c6.js
www.gstatic.com/mysidia/ Frame 6E76
31 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 07:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13060
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 20:43:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 07:02:55 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6E76
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CkQezb1K8YqSIO6Dgj-8P9dGZ-Aaqnp_iar7NqKP3D6Tn8u2VAhABILWvoCdglZqagqwHoAHkmeu8AsgBAagDAcgDwwSqBJECT9DjLmw1Wqt4dmN3__yYVfqSDsn9CouXuIyFoglGthijYqk3hRXNefi-lHGqSEiQO-ZBqmBEUMC67T_l5SPpVZlTvOzUxZAjMyapoJFsunADEzDytvaDqCfSxhSx37SaB81tjREf4L3hHCMz2UCkf75fmspunFuAnzf9yuYiVZCBq5lM0dauyNI3wfXd3BU1E7OI5cdBxFdanpDGgBxK8H7uYcN_mTk76UZGmEqzm3SZlUi104KgPZQugeFp4K2cN3EjADjPDIVmUHyxHEK23j-1bExC5no-uorDTJh7T4KgL2ADgNRP9UTf8U1FHn1GgU15yYzWPpuk19A3ey_0gbwYsBddZWUoj1xH0gEO2pWZwASU483ygQSSBQQIBBgBkgUECAUYBKAGZoAHhOaUwwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD8nQPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi0xNTM2MzM0MjE5NTYyNzcxGAA&sigh=lESRKT7y-4Q&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 29 Jun 2022 13:24:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame A226
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1995
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 12:50:46 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 221C
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27017
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 30 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6E76
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37e7c0401ebcaabae9bfef1b97a13f5f7c9b40e88d783a2d175f829b1e2c241d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 221C
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJBdCjHWMPPJM6f4gBGC0Go&google_cver=1&google_push=ARnp8GBzK59kKV_KBSPWQ361LrT4usRcslaM-YugbZq2BVpzaSjd5M3dTf...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBzK59kKV_KBSPWQ361LrT4usRcslaM-YugbZq2BVpzaSjd5M3dTfqhLTwSd87ivetCki1UZDtaamu0QltzoIrK7H4eN7p5&google_hm=h4YN7soN0COg...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBzK59kKV_KBSPWQ361LrT4usRcslaM-YugbZq2BVpzaSjd5M3dTfqhLTwSd87ivetCki1UZDtaamu0QltzoIrK7H4eN7p5&google_hm=h4YN7soN0COg411ipe3mvQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBzK59kKV_KBSPWQ361LrT4usRcslaM-YugbZq2BVpzaSjd5M3dTfqhLTwSd87ivetCki1UZDtaamu0QltzoIrK7H4eN7p5&google_hm=h4YN7soN0COg411ipe3mvQ
pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 221C
0
98 B
Image
General
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GBZ_GmRHXQS6ZQwvUxX1wOQYObS0d_BcHJZeJ54r_YVbbdkL7HLtP5g0nTL4BMkpyN9QWh0UQmDPyp0IGPwyLJrGyXqaOgm&google_gid=CAESEHcSydP3haeHzKRxspy0Uns&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame 221C
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMmriXffsUqwkC_ZHZYKibE&google_cver=1&google_push=ARnp8GCcfpY-GiQ0BkpLVYBXRhn1VrCJ3cJXvpRX3xR7DuaBSZxhPdNwP2WVftqY-_wPdcw-DOOsLF5ab93BwCCs1tPYawujuN0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:00 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
me7rkb4vlosuk65ufmvkqdlgg4j14unh
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 221C
0
41 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKz49wHjuWyUJOSOhqWiWDk&google_cver=1&google_push=ARnp8GAR3WOh053qoMaVtovKR8CYJF059uogxLWS2gplumg7S8_ftj-9h5-dbZBfhF63-tc9iieUUoZXsrciJWr_SXP0e7MZnuDt
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 221C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMTrQVCe8oUW4Of8YryJf6E&google_cver=1&google_push=ARnp8GDUCC1J0aK-ptxXWiikQdpaI_iLywoHWqfEjArntKf8uYp0OABfJ8Czl6KsowNYwgYJZo7...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPT1ctTC03MUJV&google_push=ARnp8GDUCC1J0aK-ptxXWiikQdpaI_iLywoHWqfEjArntKf8uYp0OABfJ8Czl6KsowNYwgYJZo7DZmR33LP-CQb6UmGpJizwzjhw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPT1ctTC03MUJV&google_push=ARnp8GDUCC1J0aK-ptxXWiikQdpaI_iLywoHWqfEjArntKf8uYp0OABfJ8Czl6KsowNYwgYJZo7DZmR33LP-CQb6UmGpJizwzjhw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRaTVBPT1ctTC03MUJV&google_push=ARnp8GDUCC1J0aK-ptxXWiikQdpaI_iLywoHWqfEjArntKf8uYp0OABfJ8Czl6KsowNYwgYJZo7DZmR33LP-CQb6UmGpJizwzjhw
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame 221C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_hm=YrxScJlrvAQ-InTecn1jUwAABKAAAAAB&google_nid=index&google_push=ARnp8GBmO5RBW3blc7HDvec-SxD18kSqA44GF...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_hm=YrxScJlrvAQ-InTecn1jUwAABKAAAAAB&google_nid=index&google_push=ARnp8GBmO5RBW3blc7HDvec-SxD18kSqA44GFpF_iOJ9gWWBrh2N-Dx9tWxIdA5DMaKk_GqxEZdbZv1PMwX_OdpwFmBCUljLBqL6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Jun 2022 13:24:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cj13cU73vNjDtbyRO7jEcIuVOCMqIH3asXWERP4%2B4M3Vnh5h6rGbSU8FAM5oJRCl5nLjjMtx%2FLEQQ1oYoa0cdyOLWUw7rzfuexkhX0rbtYehSdoihK2MKRStjPRhiFDWieS5aHcBGAge2g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJmZeiBIAWbuyBgDNzuccUA&google_hm=YrxScJlrvAQ-InTecn1jUwAABKAAAAAB&google_nid=index&google_push=ARnp8GBmO5RBW3blc7HDvec-SxD18kSqA44GFpF_iOJ9gWWBrh2N-Dx9tWxIdA5DMaKk_GqxEZdbZv1PMwX_OdpwFmBCUljLBqL6
cache-control
no-cache
cf-ray
722efae53a719960-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
googleredir
googlecm.hit.gemius.pl/ Frame 221C
0
0

attr
cm.g.doubleclick.net/pixel/ Frame 221C
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L_NOUBOKiuUgvkaJ6uJWx8RRWzzyj62m40RN8nEdoQ39gZ_GV8bQxk16Q529nPeUVXa7m4Yg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:24:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame A226
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 13:24:01 GMT
expires
Wed, 29 Jun 2022 13:24:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 29 Jun 2022 13:24:01 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
ViAmyRY-LKGlXGI_ktt9sOy-HRzFpgmS9L9D6qSMV6s.js
pagead2.googlesyndication.com/bg/ Frame BC45
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ViAmyRY-LKGlXGI_ktt9sOy-HRzFpgmS9L9D6qSMV6s.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=6087740&pi=t.aa~a.1081604991~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1564&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280%2C353x280%2C353x280&nras=5&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=2463&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=iH2sEFom37&p=https%3A//www.redpacketsecurity.com&dtd=61
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
562026c9163e2ca1a55c623f92db7db0ecbe1d1cc5a60992f4bf43eaa48c57ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 11:45:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
5901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13935
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 11:45:40 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 6E76
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 20:36:54 GMT
x-content-type-options
nosniff
age
578827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 20:36:54 GMT
ViAmyRY-LKGlXGI_ktt9sOy-HRzFpgmS9L9D6qSMV6s.js
pagead2.googlesyndication.com/bg/ Frame E415
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ViAmyRY-LKGlXGI_ktt9sOy-HRzFpgmS9L9D6qSMV6s.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1536334219562771&output=html&h=280&adk=3106563156&adf=4029085294&pi=t.aa~a.2402295283~rp.4&w=353&fwrn=4&fwrnh=100&lmt=1656500643&rafmt=1&to=qs&pwprc=6266461316&psa=0&format=353x280&url=https%3A%2F%2Fwww.redpacketsecurity.com%2Fblack-basta-ransomware-victim-new-peoples-bank%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656509039826&bpp=1&bdt=1563&idt=-M&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da36102886821a1fa-22ff3648bfcd00f1%3AT%3D1656509039%3ART%3D1656509039%3AS%3DALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg&prev_fmts=0x0%2C1038x280&nras=3&correlator=8545601013669&frm=20&pv=1&ga_vid=561496504.1656509039&ga_sid=1656509040&ga_hid=1984713907&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1198&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068232%2C42531606&oid=2&pvsid=506695731728135&tmod=1469910566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LiMayROL8m&p=https%3A//www.redpacketsecurity.com&dtd=46
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
562026c9163e2ca1a55c623f92db7db0ecbe1d1cc5a60992f4bf43eaa48c57ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 11:45:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
5901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13935
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 11:45:40 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEM8xSP8ptmA-xZE8BccAUpw&google_cver=1&google_push=ARnp8GCQdWtf1_gKnBpKzACLbQs44_m7wtlOSzdyFtAurEoP5RxtTghnBsBVZbARwDgrIBsD_pltof-aypQqWl9XzthYKimPvuZHSQ
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEM8xSP8ptmA-xZE8BccAUpw&google_cver=1&google_push=ARnp8GA5RXMyhbUhJ6UVN7DiMM6S_fLB8Xx8UQJ87McbNqoMYUSUQ9WHHSHfXWuq12-3KtPlUHj5lwrBHx0SU6UXj3IP7eOltGyA

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| zarazData object| zaraz object| __CF$cv$params object| __cfQR object| __cfBeacon function| defer function| deferscript object| dataLayer function| ga object| google_tag_manager object| _wpemojiSettings undefined| $ function| jQuery object| bootstrap object| cnArgs function| gtag function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal function| nxsPostToFav function| pinIt object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter number| _CommentsAppWidgetUuid string| websiteId string| google_user_agent_client_hint object| aalEmbed object| aalNowRetrieving object| twemoji object| wp object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate function| sprintf function| vsprintf object| lazySizes boolean| __cfRLUnblockHandlers object| obj function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms number| google_lpabyc object| googletag

28 Cookies

Domain/Path Name / Value
www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank Name: _ga4s
Value: 1
www.redpacketsecurity.com/black-basta-ransomware-victim-new-peoples-bank Name: _ga4sid
Value: 995800767
.redpacketsecurity.com/ Name: _ga
Value: 7548009d-be26-43bd-bc8f-43ef9e91972a
.redpacketsecurity.com/ Name: _ga4
Value: 71d30594-c729-4e33-a88c-6c4137bc4282
.www.redpacketsecurity.com/ Name: CaosGtag_ga_GN0W0LT7ZX
Value: GS1.3.1656509039.1.0.1656509039.60
.www.redpacketsecurity.com/ Name: CaosGtag_ga
Value: GA1.3.561496504.1656509039
comments.app/ Name: bcom_on
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUlQ2vpo6Bf3Meo6MBnGxgFVyVajLrXus951sTEbaJi1d3SMlL7HGHazzYf7
.redpacketsecurity.com/ Name: __cf_bm
Value: jDuo4Q3XoAuQ3VTfyBo7MzM16wz_9G.MqGsrkZvnGq4-1656509039-0-AZLiwTjdoD7u103HEhmJjEE004IFYN92Znh/XkGRGHhucg2s3AHbeNZNWtwVEpKWOx2773OPPQYpdUCIE1s+rdO6g0BSyAtS2JL0DKIpehP82pVy9KLYEZ1LXYAWCOJNGQ==
.redpacketsecurity.com/ Name: __gads
Value: ID=a36102886821a1fa-22ff3648bfcd00f1:T=1656509039:RT=1656509039:S=ALNI_Mbg4svEx75mq_BQpFeRnwqDMOo_Yg
.quantserve.com/ Name: d
Value: EAEBCQG_JoEA
.quantserve.com/ Name: mc
Value: 62bc5270-ba018-ea614-e95ab
.casalemedia.com/ Name: CMID
Value: YrxScJlrvAQ.InTecn1jUwAA
.casalemedia.com/ Name: CMPS
Value: 1184
.casalemedia.com/ Name: CMPRO
Value: 1184
.doubleclick.net/ Name: DSID
Value: NO_DATA
.agkn.com/ Name: ab
Value: 0001%3A1tmRLNmilhfbHybPRcZDHpoxqTfpvj%2Bn
.agkn.com/ Name: u
Value: C|0CEAqTw7wKk8O8AAAAAAAAQ13AQCAAQpAAAAAAA
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_tc
Value: Y
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220629
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.addthis.com/ Name: na_id
Value: 2022062913240100012963076753
.addthis.com/ Name: uid
Value: 62bc5271fca74f62
.addthis.com/ Name: ouid
Value: 62bc52710001a08070d7224e19ceba56427e6b51f1b4408a3ee7
.casalemedia.com/ Name: CMTS
Value: 3174

3 Console Messages

Source Level URL
Text
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEM8xSP8ptmA-xZE8BccAUpw&google_cver=1&google_push=ARnp8GCQdWtf1_gKnBpKzACLbQs44_m7wtlOSzdyFtAurEoP5RxtTghnBsBVZbARwDgrIBsD_pltof-aypQqWl9XzthYKimPvuZHSQ
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEM8xSP8ptmA-xZE8BccAUpw&google_cver=1&google_push=ARnp8GA5RXMyhbUhJ6UVN7DiMM6S_fLB8Xx8UQJ87McbNqoMYUSUQ9WHHSHfXWuq12-3KtPlUHj5lwrBHx0SU6UXj3IP7eOltGyA
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GBZ_GmRHXQS6ZQwvUxX1wOQYObS0d_BcHJZeJ54r_YVbbdkL7HLtP5g0nTL4BMkpyN9QWh0UQmDPyp0IGPwyLJrGyXqaOgm&google_gid=CAESEHcSydP3haeHzKRxspy0Uns&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
analytics.google.com
cm.g.doubleclick.net
cms.quantserve.com
comments.app
d.agkn.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
oauth.tg.dev
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
ssum-sec.casalemedia.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tg.dev
tpc.googlesyndication.com
track.seadform.net
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.redpacketsecurity.com
googlecm.hit.gemius.pl
104.18.19.126
104.222.176.10
104.89.42.102
142.250.185.130
149.154.164.13
172.217.18.98
185.64.190.78
2606:4700:20::ac43:4810
2606:4700:440e::6812:2fe6
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:803::2003
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::2004
2a00:1450:400c:c08::9d
3.122.145.17
34.251.55.128
34.98.67.61
35.186.253.211
35.244.174.68
37.157.4.40
69.173.144.138
00ab36d5573ceab85b1bc2de3ff62f4a9402bdc7c8a9749ac58c7037aa4bd2b8
019dbff595e10442fcdc74c8cba3419c88100517861d3bca0ab49164a1338448
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04aec4107954c62d888f138cac63e9fd4508ca8bfcdaf9a9e3ade5eed2333b79
07d8e06258039e45a3d2e1da8b1001e0c301135b485e85726abc4b306d473abb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb10a2d723e30af4234cc3dcc1a82702a390c01ebe7f3171bfb1f42be2f0d09
13ea1503dc13c1d5259d6d10430aadc0fe269a78016fa6b7e0a41d653c6a7001
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2c6c5fa1a182530d794b033ee34f4a2d9e0b12db9ca65d696d79c6862f63a801
333995c0787761614afd94b2c38133bcfc513b40caa1e2708e65a8ff89e707c0
342125f8b526a75dd8ed829225c6a23af06249bf360efc2962c340cacd3fe517
37e7c0401ebcaabae9bfef1b97a13f5f7c9b40e88d783a2d175f829b1e2c241d
37e87643d88538a3667dd0cf9aded067e0a52bc47e4b3a901a5c3c0a3b3a453b
3dbfd192961150faaa5762d0bf7a6fc352ae6db0e0bc505b815804a026016079
4247183ff111bcf12affd18ba0da4a7a1ff0b4e7e491db67b9562b58d6a29c88
43124dcb89fbed91eb7ab07811071065ae32e74a4f682bc11a2654c826220007
46489b4c55fb6dce029c4ebcaa74c9616a0a89dc3be3e0027d0113c698ed9968
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
482f450b7fdbac6f9304643f3e731df20bf66c51fb0599fa9a734e5d102a9e2a
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4bac530874a51f6c07f2e956b8b534c5947e13f3f6e9a15c7684cc7352051c28
4cb636b91baa2ce444767df4b186194cd84ce5740b196123d3da1e2ead84e245
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4746fd8d4df17e1ac054b21445d7e64ac2f256dabe562f56c145b68f8e4b70
52bbb80de38a831973b2eef5325fa01354cae1a031376ded2f93b2a1de53fa94
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54cb0643a7f536436b00df60b5bf7d1c37f71d9cca5bc05246f958a2573d0fa4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562026c9163e2ca1a55c623f92db7db0ecbe1d1cc5a60992f4bf43eaa48c57ab
578ece1ba13e8a1dd211785e2df101ac5f9d1f2e387f9c6557bf51637ad0b84b
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5fdfb2304fc4b4ce74cdc70e83a8d62bdd46b3bfd0a69abea17fe490faec746c
60c62e0e44a2b4a1116d28f8a69f20c108cc84b5c173060d134a6ec083e12240
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62192a35a334d4401e348cf6774b25795b248972e116befa3405d9b9128a5473
629a298422d20d6be3aad025c6ddce8681991408627b1bf76f3e88abce039d2e
6342d16a93416b5e826f6d0e0e930ef033efb682851ae46270f3c4f5b4a1c194
6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad
6d53299eeb9516dbba670ceeb55e8e5ce2186edb71518f6a1bd16553308f17c2
6e030af5390ddec7d8ce24c6fc6c650cfbc92d38037d2ac11ad9591db251e65e
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
700fc2b4f089fb56eec6028fec52d52c2cc1d4b3186faaafb9e19c0f501c1e94
7147639902c3336843e877d3245dc6adc61ffca9b8aa61ab591b50491e13c9cc
717fbacbf26a1f7ee86c28a9dabf6abc285b324b24a11f0d3762903d8934565a
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
76216b6c25b768e5bee4b758dacfef993b3e87cc2d7fd9bf192bd685d1ae9bfb
7688d6c0bc721a9708d4f280bfc926b6bb25e2386300a906a7fe5fa31a334bc7
798519ce47ff93dbb094e3bb3ee857bea4dfd1dfaa919bd0f3ea2a91479bec9e
7d45256c95c1c245654bf298e27d9c538dc778a2ee050ba4678ac2a07f479869
7d853f12f80f4e85343c2bc6ee4ab226f479c09a0dfd46e00808ff0e32043293
81f4e3d22360404c617b9a25ee0b9f8e0da0528e16f37e56b6a95e75d30d7036
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
878507828632957a2a0e471f1bfef8ef64ee4726f7fd03d05d77664823079fa5
898bb33c4d697683d384a3ac69acba30a8eaefb8591c54bb287a3eb445dc0278
8a3557561f3fca1c3bab36778cfeb2a9990aa86a23e50d64216f1f1a46adb571
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ba64ea38909392d4cabab89c686db48a38780d9a9efa30d8cc20980c21f7946
9691e8c38e89f0117aa9aab7dc706fa84ff4c18279a0769cfd90579c897922c1
970d08b0edc4bfc0925495d8b11564f3c2fd368f745f7b3510a7fced11848894
975fcd769077c94bff0b689fbe3ad59e461ea7c948870bd979d21ad4716ecee9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b67a14d3266023e71ecdf6bbb6376034a486e07e1da880f536af90fb1c07711
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9ddc0f6530a2a949a60ecc192689aba25551e0f9f6270b44803134b27708d883
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a813f571283df3b4c18c535c9f408ae4897bf5e4d46faa8adeee189d8f732672
aa441bf5f2ac8c608371513bad73ea45ad6dc8b7c50e3c6841af81147d0b96ce
ab9923ddf87ea918721ca60169271da941bbdc98c55793246a8b3c1dd4cc25cc
ace0366eab1ff253f3ccc456913f0cd991bd1ead16846297ba62c40e2f0dcd5b
ae394bf43bc39f7c6b3f439de04f6b75288d849a0ecae5000a2452546063647c
af12f7592b4d8f6b8483bd9bab081ecf35abe485d5315fb0ecf30559ac2bd9cd
af468a53ff8b21e58d333969b462d31f6d23e94d0f255e58b8c9242057d29c34
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b280d1cc19c24e39b526105b152d8458a53f9ac9a338d40daca2c7bed1c90034
b28d8e93ecf9067ff746e514c79ad5adc53cc00965630bfe0b118cf80f7bf065
b2be9c7c3f5b1cfa7055b5f64d499416c9b680b0b6030677c323164358f49a99
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b
b33ad250798eef9bd3379f3e7a9eeb55bd49bc718063bdaf568b7ed9dc3f4b9e
b5e930df6a2976d5df996e18b347e091756699ea32716dc53d0e1c0fd814c526
b80be40c3c47f8526cd90de3e7548b90660e0a869c00ae84affe5e287f0bd1dd
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
b9983e0f3bd212e1f920657c96ca9b0f3ef62e4b6ebbd153abd0f1791ecac4a4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce29a0dfdf11c6e73b8ec94c69dfecda8c55e4052403f5605725fdfa9f6ec3a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c1c4a5cd21da66fc405d7f029b47796497445dca00c11f9fb8eca2f90a171a5c
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c304be164d697444f4c480c7052ca7a25708686194dec476c55fbd500599f29c
c38bc4d28cb6dd5263a68b3efa74cd5b746f9083484871c54f4cd437c828b40e
c46e975fc3535ada808fc824ed124688634e1eca90f8e5fbd18a821e9e80068f
c6e098655bf365af10393cec5be569becfba92d4b3374f5f409ceaa5a3b3bad6
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c96a3e443478227892693b5f48368af1720b31a64c703dbe7dd7acb85ae0e14d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d2c30641eed11d27cc45ab60849aaef8d0cef92b8c75b09648ffb764bd6017c0
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
da3e511b908f924d06bcd56a2274b737f070823715600c460dc5d593b276f961
daa7570536a241579efb1eca60b9b8b3e30d171663777c0ca3011414a42cfc61
e11a59dd88d8cb969b8297e9e6e2cdd1012edaa60435e3c8330d90529af863cb
e28b35a3da8773aebff732255cd50f4693c5bc2b6906f7a0d2b9f76060d0a2e2
e348d772480f8c0e5fa546b3c531a38700ae16b5dad5defb5e67ade7f6d332e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fbe67fed994d974916f80939f43e83889b033b3a565f349f26255620037a4d
e450af4a7c4974ea3ff324b629876380e0ca9605333a57152a953310c4a4661a
e8dfa93e316db0c0dd5d74f51997783f3517b8db6c7fa2461898ae5109c0b429
e9d9a4ac74e536c050e8c6c9a95941e5009411ae61e9c2bcd8371f638b2ec661
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
ed975bb9abdeeb1bbfdbade21b8fda090b77d786cc2fa4c6b4577ffc33530d5d
eee2832920de823a77ade71ddf71f135ef58d3d7aa14c2e48036e1faec3c2762
f1c5e16c3abc728ef3c7eb1ff66fc5b15f08232156bae6493e37becbd1b2f01d
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7ec795d6ca0df8d0083c41b1a57aed9a3500897442639a0c24999a749eed08a
f84781d3e65130fbcee9c8813916246764b2e335a6a4827009f817c3ca74c3f0
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
fe85646af222500a866fd63beedb6ae00576c4afab4e0d28b15d9d6d92cb7da5