www.techtimes.com Open in urlscan Pro
34.111.216.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/8SLKZzXSWc
Effective URL:
https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Submission: On April 18 via api (April 18th 2022, 2:36:39 pm UTC) from US — Scanned from DE

Summary HTTP 158 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 47 IPs in 9 countries across 35 domains to perform 158 HTTP transactions. The main IP is 34.111.216.4, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.techtimes.com. The Cisco Umbrella rank of the primary domain is 281195.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on August 16th 2021. Valid for: a year.

This is the only time www.techtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	34.111.216.4 34.111.216.4	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	18.211.226.152 18.211.226.152	14618 (AMAZON-AES) (AMAZON-AES)
8	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:a010	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.135.170.242 18.135.170.242	16509 (AMAZON-02) (AMAZON-02)
4	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:3175:5196:e3fd:8c1d	16509 (AMAZON-02) (AMAZON-02)
1 3	143.204.98.87 143.204.98.87	16509 (AMAZON-02) (AMAZON-02)
1	35.190.31.133 35.190.31.133	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	198.145.13.13 198.145.13.13	2044 (DF-PTL01) (DF-PTL01)
5	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:9c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.109 143.204.98.109	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	54.234.151.247 54.234.151.247	14618 (AMAZON-AES) (AMAZON-AES)
1	2.20.157.2 2.20.157.2	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.20.158.212 23.20.158.212	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	18.136.115.17 18.136.115.17	16509 (AMAZON-02) (AMAZON-02)
1	54.71.105.247 54.71.105.247	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
15	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.85.185.37 35.85.185.37	16509 (AMAZON-02) (AMAZON-02)
1	54.68.117.43 54.68.117.43	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1 8	54.148.204.204 54.148.204.204	16509 (AMAZON-02) (AMAZON-02)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	34.246.109.130 34.246.109.130	16509 (AMAZON-02) (AMAZON-02)
1 1	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	44.240.45.112 44.240.45.112	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
158	47

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.216.4 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 4.216.111.34.bc.googleusercontent.com

www.techtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

1111210941.rsc.cdn77.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1734811051.rsc.cdn77.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.211.226.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-226-152.compute-1.amazonaws.com

powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a010 (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.135.170.242 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-170-242.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.87 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.31.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.31.190.35.bc.googleusercontent.com

stat.techtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.13 (Portland, United States)

ASN2044 (DF-PTL01, US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-109.fra50.r.cloudfront.net

ads.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6b4c166c81dc766c5081c583070100d4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com

reporting.powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.157.2 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-2.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com

hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.136.115.17 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-115-17.ap-southeast-1.compute.amazonaws.com

pixel.zprk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.71.105.247 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-105-247.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.85.185.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-185-37.us-west-2.compute.amazonaws.com

id.halo.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.68.117.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-117-43.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.13 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.148.204.204 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-204-204.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.113.107 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.109.130 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-109-130.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.253 (Monrovia, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.45.112 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-45-112.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	cdn77.org 1111210941.rsc.cdn77.org — Cisco Umbrella Rank: 425475 1734811051.rsc.cdn77.org — Cisco Umbrella Rank: 323668	747 KB
23	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8262 c.mgid.com — Cisco Umbrella Rank: 5541 cdn.mgid.com — Cisco Umbrella Rank: 10746 servicer.mgid.com — Cisco Umbrella Rank: 8391 s-img.mgid.com — Cisco Umbrella Rank: 7283 cm.mgid.com — Cisco Umbrella Rank: 2107	2 MB
16	googlesyndication.com 6b4c166c81dc766c5081c583070100d4.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 128 pagead2.googlesyndication.com — Cisco Umbrella Rank: 98	233 KB
12	ad.gt 1 redirects a.ad.gt — Cisco Umbrella Rank: 4688 id.halo.ad.gt — Cisco Umbrella Rank: 5894 p.ad.gt — Cisco Umbrella Rank: 5334 ids.ad.gt — Cisco Umbrella Rank: 4265 pixels.ad.gt — Cisco Umbrella Rank: 5222	18 KB
11	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	146 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	222 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	1 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	22 KB
6	powerad.ai powerad.ai — Cisco Umbrella Rank: 15107 reporting.powerad.ai — Cisco Umbrella Rank: 16585	47 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	199 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 302	40 KB
3	brainlyads.com hb.brainlyads.com — Cisco Umbrella Rank: 14306	192 KB
3	pubmatic.com 2 redirects ads.pubmatic.com — Cisco Umbrella Rank: 461 image2.pubmatic.com — Cisco Umbrella Rank: 898	58 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	114 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 137	2 KB
3	anura.io script.anura.io — Cisco Umbrella Rank: 42906 ads.anura.io — Cisco Umbrella Rank: 63228	18 KB
3	getclicky.com static.getclicky.com — Cisco Umbrella Rank: 10699 in.getclicky.com — Cisco Umbrella Rank: 9592	6 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	428 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 655	684 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 355	964 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 438	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7579 www.google.de — Cisco Umbrella Rank: 5383	1 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 975 pixel.quantserve.com — Cisco Umbrella Rank: 423	10 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2388	40 KB
2	techtimes.com www.techtimes.com — Cisco Umbrella Rank: 281195 stat.techtimes.com — Cisco Umbrella Rank: 539093	16 KB
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 445	684 B
1	openx.net u.openx.net — Cisco Umbrella Rank: 709	305 B
1	zprk.io pixel.zprk.io — Cisco Umbrella Rank: 15454	3 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 903	439 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	29 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	909 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 238	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 647	30 KB
1	t.co t.co — Cisco Umbrella Rank: 476	582 B
158	35

	Domain	Requested by
16	1111210941.rsc.cdn77.org	www.techtimes.com 1111210941.rsc.cdn77.org
15	s-img.mgid.com	www.techtimes.com
12	1734811051.rsc.cdn77.org	www.techtimes.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	tpc.googlesyndication.com	www.techtimes.com securepubads.g.doubleclick.net tpc.googlesyndication.com
8	ids.ad.gt	1 redirects www.techtimes.com
6	pagead2.googlesyndication.com	www.techtimes.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	www.google.com	2 redirects www.techtimes.com tpc.googlesyndication.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.techtimes.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.techtimes.com
4	connect.facebook.net	www.techtimes.com connect.facebook.net p.ad.gt
4	c.amazon-adsystem.com	www.techtimes.com c.amazon-adsystem.com
4	powerad.ai	www.techtimes.com powerad.ai
3	hb.brainlyads.com	powerad.ai t.co
3	www.googletagmanager.com	www.techtimes.com powerad.ai www.googletagmanager.com
3	sb.scorecardresearch.com	1 redirects www.techtimes.com
2	www.facebook.com	www.techtimes.com
2	ad.360yield.com	2 redirects
2	cm.g.doubleclick.net	1 redirects www.techtimes.com
2	image2.pubmatic.com	2 redirects
2	match.adsrvr.org	2 redirects
2	secure.adnxs.com	2 redirects
2	cm.mgid.com	jsc.mgid.com
2	googleads.g.doubleclick.net	www.techtimes.com
2	cdn.mgid.com	www.techtimes.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	reporting.powerad.ai	powerad.ai
2	fonts.gstatic.com	fonts.googleapis.com
2	script.anura.io	www.techtimes.com script.anura.io
2	static.getclicky.com	www.techtimes.com
2	jsc.mgid.com	www.techtimes.com jsc.mgid.com
2	stackpath.bootstrapcdn.com	www.techtimes.com
1	pixels.ad.gt	p.ad.gt
1	sync.mathtag.com	1 redirects
1	u.openx.net	www.techtimes.com
1	p.ad.gt	a.ad.gt
1	id.halo.ad.gt	a.ad.gt
1	servicer.mgid.com	jsc.mgid.com
1	www.google.de	www.techtimes.com
1	c.mgid.com	jsc.mgid.com
1	a.ad.gt	t.co
1	pixel.zprk.io	powerad.ai
1	ads.pubmatic.com	t.co
1	pixel.quantserve.com	www.techtimes.com
1	6b4c166c81dc766c5081c583070100d4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ads.anura.io	script.anura.io
1	rules.quantcount.com	secure.quantserve.com
1	in.getclicky.com	static.getclicky.com
1	stat.techtimes.com	www.techtimes.com
1	secure.quantserve.com	www.techtimes.com
1	www.googletagservices.com	www.techtimes.com
1	fonts.googleapis.com	www.techtimes.com
1	cdnjs.cloudflare.com	www.techtimes.com
1	code.jquery.com	www.techtimes.com
1	www.techtimes.com	t.co
1	t.co
158	58

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
reddit.com
www.linkedin.com
wa.me
www.bleepingcomputer.com
www.nordex-online.com
www.zdnet.com
www.wired.com
widgets.mgid.com
www.mgid.com
clck.mgid.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.techtimes.com AlphaSSL CA - SHA256 - G2	`2021-08-16` - `2022-09-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
www.cdn77.com R3	`2022-02-23` - `2022-05-24`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.powerad.ai Go Daddy Secure Certificate Authority - G2	`2021-08-13` - `2022-09-14`	a year	crt.sh
script.anura.io Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
stat.techtimes.com GTS CA 1D4	`2022-02-17` - `2022-05-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-25` - `2022-04-25`	3 months	crt.sh
*.getclicky.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-03` - `2022-08-03`	2 years	crt.sh
ads.anura.io Amazon	`2021-07-29` - `2022-08-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
hb.brainlyads.com Go Daddy Secure Certificate Authority - G2	`2021-11-25` - `2022-12-27`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.zprk.io Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
*.ad.gt Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
halo.ad.gt Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Frame ID: 5D121DE10D356E569794C6CC28C9EB9B
Requests: 122 HTTP requests in this frame

Frame: https://6b4c166c81dc766c5081c583070100d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 415A7827BDECAFC826EEFFED5A7A3153
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Frame ID: E0865F98B421C1C61335BC2577444084
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Frame ID: E3E7A8B969B9308095D503B5403F9C7E
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: 8A6DAC7480707CE8FB7D484126578B1E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 93415D5C7B49B37BF616BB6FE51C8202
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 7FA1F4A477419ABE2175A3BBBFE1DA2F
Requests: 13 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1650292592616497408252
Frame ID: FFF9264F57D792BC0D85D823B48DD772
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: CF75247006AADA2F41C52DF9A994A04F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9C8D6333FC6838A8C7ED62804A2816ED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FB909070986E9DBD76202DD8DCC643F2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Conti Ransomware Group Attacks Wind Turbine Company Nordex | Tech TimesFacebookTwitterRedditLinkedInEmailWhatsApp

Page URL History Show full URLs

https://t.co/8SLKZzXSWc Page URL
https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.getclicky\.com

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

158
Requests

94 %
HTTPS

45 %
IPv6

35
Domains

58
Subdomains

47
IPs

9
Countries

3855 kB
Transfer

7073 kB
Size

49
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/TechTimesNews

Search URL Search Domain Scan URL

URL: https://twitter.com/TechTimes_News

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Title: Facebook facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet/?url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&text=Conti+Ransomware+Group+Attacks+Wind+Turbine+Company+Nordex&via=twitter%20username%20of%20author&hashtags=
Title: Twitter twitter

Search URL Search Domain Scan URL

URL: http://reddit.com/submit?url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&title=Conti+Ransomware+Group+Attacks+Wind+Turbine+Company+Nordex
Title: Reddit reddit

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Title: LinkedIn linkedin

Search URL Search Domain Scan URL

URL: https://wa.me/whatsappphonenumber/?text=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Title: WhatsApp What's app

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/wind-turbine-firm-nordex-hit-by-conti-ransomware-attack/
Title: BleepingComputer

Search URL Search Domain Scan URL

URL: https://www.nordex-online.com/en/2022/04/nordex-group-impacted-by-cyber-security-incident/
Title: Nordex

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/the-race-towards-renewable-energy-is-creating-new-cybersecurity-risks/
Title: ZDNet

Search URL Search Domain Scan URL

URL: https://www.wired.com/sponsored/story/a-green-future-depends-on-the-security-and-cyber-resilience-of-renewable-technologies/
Title: WIRED

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=www.techtimes.com&utm_medium=referral&utm_campaign=widgets&utm_content=1119383

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/11739842/i/57453081/0/pp/1/1?h=k0BFKTCHUHMZr59l3b2CQYpZvjZsI9b0orlNvsEU_EzFvEVL-T071b_gKAUWPbr5&rid=f0fe61d3-bf24-11ec-b281-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/11533312/i/57453081/0/pp/2/1?h=k0BFKTCHUHMZr59l3b2CQSI6NqJgylBcvInTmUAOCzEWQ1h7MavoGj8v8VEXpxiF&rid=f0fe61d3-bf24-11ec-b281-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/3805446/i/57453081/0/pp/3/1?h=k0BFKTCHUHMZr59l3b2CQT0DPOAUwWJTHGg5iMjYvzTqwwP8erSDv-4odJn-3gpN&rid=f0fe61d3-bf24-11ec-b281-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/4723158/i/57453081/0/pp/4/1?h=k0BFKTCHUHMZr59l3b2CQVtR6L47ZkDoDm0PFUZSaDbUEqe3d3qQL17mL1BjXpoW&rid=f0fe61d3-bf24-11ec-b281-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/3805535/i/57453081/0/pp/5/1?h=k0BFKTCHUHMZr59l3b2CQYEjtRsvSVbfDxRD-6R6HCHRSiAedtYBm9pD7jDXsQtY&rid=f0fe61d3-bf24-11ec-b281-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/6288106/i/57453081/0/pp/6/1?h=k0BFKTCHUHMZr59l3b2CQeT2UGikLfFSAmT7Ayk5wXxfpiqdnXmsoQuK55ITrSoD&rid=f0fe61d3-bf24-11ec-b281-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/12581139/i/57453081/0/pp/7/1?h=k0BFKTCHUHMZr59l3b2CQWafD0cDA7ckFLqlM6C5oitUMDnD6R0MaHpOegIE7hHj&rid=f0fe61d3-bf24-11ec-b281-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/3860766/i/57453081/0/pp/8/1?h=k0BFKTCHUHMZr59l3b2CQVKmnKIOtkzvY8RL5TpCiLEgjiOfCVdSJ-hMDYs37Nk0&rid=f0fe61d3-bf24-11ec-b281-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/11739875/i/57453081/0/pp/9/1?h=k0BFKTCHUHMZr59l3b2CQX4iZeKR8SFegx7Ik8reT3JqxbgI9sChz3A3dVwmRCdk&rid=f0fe61d3-bf24-11ec-b281-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/10881049/i/57453081/0/pp/10/1?h=k0BFKTCHUHMZr59l3b2CQXJ5bNDXNmJxyzEcW8vRGEBQAVX5mq1I4aPX2YXstolr&rid=f0fe61d3-bf24-11ec-b281-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/12068029/i/57453081/0/pp/11/1?h=k0BFKTCHUHMZr59l3b2CQWPSRVbLFqPxb7n84VjbvE0Apj7S5Z4SQH_I7192WjIK&rid=f0fe61d3-bf24-11ec-b281-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/10881005/i/57453081/0/pp/12/1?h=k0BFKTCHUHMZr59l3b2CQYHLI2gvu_GZ6QMgmme4YRz3QNhrBiDzqAuyhgWFuyy9&rid=f0fe61d3-bf24-11ec-b281-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/12068030/i/57453081/0/pp/13/1?h=k0BFKTCHUHMZr59l3b2CQQKF6kfq01x9Y0e44kUKTsvo8mt_HKVv28XE4Er1zjdr&rid=f0fe61d3-bf24-11ec-b281-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/12578194/i/57453081/0/pp/14/1?h=k0BFKTCHUHMZr59l3b2CQWhDIPMbvWWHeHGVic1GVpkBcDdbF1Wm31YDzmStkyGJ&rid=f0fe61d3-bf24-11ec-b281-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/10881004/i/57453081/0/pp/15/1?h=k0BFKTCHUHMZr59l3b2CQTrdn0Be80jiJr8QetzoToI90_q3Vrya0WsVGpsKGJD0&rid=f0fe61d3-bf24-11ec-b281-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/8SLKZzXSWc Page URL
https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://sb.scorecardresearch.com/b?c1=2&c2=19747886&ns__t=1650292591267&ns_c=UTF-8&cv=3.5&c8=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&c7=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&c9=https%3A%2F%2Ft.co%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=19747886&ns__t=1650292591267&ns_c=UTF-8&cv=3.5&c8=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&c7=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&c9=https%3A%2F%2Ft.co%2F

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 132

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=d868c425-e7ac-479a-9a12-5d728d7d731d&adnxs_id=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3Dd868c425-e7ac-479a-9a12-5d728d7d731d%26adnxs_id%3D%24UID HTTP 302
https://ids.ad.gt/api/v1/match?id=d868c425-e7ac-479a-9a12-5d728d7d731d&adnxs_id=5838608348932091605

Request Chain 133

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=d868c425-e7ac-479a-9a12-5d728d7d731d HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=d868c425-e7ac-479a-9a12-5d728d7d731d HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=39c07bc9-bc75-436d-83e3-57c24b03d907&id=d868c425-e7ac-479a-9a12-5d728d7d731d

Request Chain 134

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dd868c425-e7ac-479a-9a12-5d728d7d731d HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dd868c425-e7ac-479a-9a12-5d728d7d731d HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=EFFBB907-0137-4D26-9143-4381DDCE2549&id=d868c425-e7ac-479a-9a12-5d728d7d731d

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=d868c425-e7ac-479a-9a12-5d728d7d731d HTTP 302
https://ids.ad.gt/api/v1/g_match?id=d868c425-e7ac-479a-9a12-5d728d7d731d&google_gid=CAESEAveh9E2FYbZJdqpuMIbJKU&google_cver=1&google_ula=450542624,0

Request Chain 136

https://ids.ad.gt/api/v1/g_hosted?id=d868c425-e7ac-479a-9a12-5d728d7d731d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZDg2OGM0MjUtZTdhYy00NzlhLTlhMTItNWQ3MjhkN2Q3MzFk

Request Chain 138

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3Dd868c425-e7ac-479a-9a12-5d728d7d731d%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3Dd868c425-e7ac-479a-9a12-5d728d7d731d%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ids.ad.gt/api/v1/impr_match?id=d868c425-e7ac-479a-9a12-5d728d7d731d&impr_uid=aeac8b8c-5e95-4c3f-9698-ac321ed9b36c

Request Chain 139

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3Dd868c425-e7ac-479a-9a12-5d728d7d731d HTTP 302
https://ids.ad.gt/api/v1/mediamath_match?user_id=9f4d625d-7772-4f00-bd8a-a3d89590c1a5&id=d868c425-e7ac-479a-9a12-5d728d7d731d

158 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 8SLKZzXSWc
t.co/ 497 B
582 B 161ms
129ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/8SLKZzXSWc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 249
content-type: text/html; charset=utf-8
date: Mon, 18 Apr 2022 14:36:28 GMT
expires: Mon, 18 Apr 2022 14:41:29 GMT
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 40cbf605394c59ca1b8111110017575c808544b8f223b6a799b40e67f68fab9f
x-response-time: 122
x-xss-protection: 0

GET
H2 200 Primary Request conti-ransomware-group-attacks-wind-turbine-company-nordex.htm Show response
www.techtimes.com/articles/274335/20220415/ 55 KB
16 KB 275ms
224ms Document
text/html 34.111.216.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Requested by: Host: t.co
URL: https://t.co/8SLKZzXSWc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.216.4 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.216.111.34.bc.googleusercontent.com
Software: nginx / PHP/7.2.34
Resource Hash: 73f0080cc62e2488c6bbed08b50301eed10b545cb426b48960e6284b45e68896

Request headers

Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: clear
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 18 Apr 2022 14:36:29 GMT
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
server: nginx
vary: Accept-Encoding
via: 1.1 google
x-powered-by: PHP/7.2.34

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
24 KB 55ms
23ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 30789863
cdn-cachedat: 2021-04-27 00:54:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3ae60c6ce58161e504e410d15287107e
cf-ray: 6fde221148ff0229-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 style.css
1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/ 20 KB
4 KB 50ms
13ms Stylesheet
text/css 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9017d6131bbe73a5233e0e86395b5ca524575c599daaf1983ed006d0d31809b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BAzCIz/jegEAA
x-accel-expires: @1651007713
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: W/"62580b26-4e36"
last-modified: Thu, 14 Apr 2022 11:53:10 GMT
server: CDN77-Turbo
x-77-nzt-ray: NY3CxrH0l8o
x-77-cache: HIT
content-type: text/css
x-cache: HIT
x-age: 321677
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 393ms
190ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:30 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d84"
vary: Accept-Encoding
x-hw: 1650292590.dop227.fr8.t,1650292590.cds262.fr8.hn,1650292590.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 53ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 991762
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utJEpnQ%2FXLTdkLDGdbG8ln19jnFsBAL1rNo7wzJWmb7w6unEsax%2FWk4qvHl%2FDVYU9ybv6yZS4gV%2Fy65CAnHPk%2FrcXNHrQek8JJRZqaZ5Ut8XRHXYtI%2FLzlFRi4mMAiT8m4n0RWL63yGTi1YJmIaxkshj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fde22114aefcc36-ZRH
expires: Sat, 08 Apr 2023 14:36:30 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 66ms
35ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617
age: 31149798
cdn-cachedat: 2021-04-23 03:22:10
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 43529d73b5783a89b877d475a4af7320
cf-ray: 6fde221149020229-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 common_v056.js Show response
1111210941.rsc.cdn77.org/common/js/common/ 7 KB
3 KB 52ms
16ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1111210941.rsc.cdn77.org/common/js/common/common_v056.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 564909ae57a774bce3a438e2df0cbe3f8794d33acf6715625e87cb06bfa31908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BC0mDb/TUUJAA
x-accel-expires: @1650721825
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: W/"62392348-1aeb"
last-modified: Tue, 22 Mar 2022 01:15:52 GMT
server: CDN77-Turbo
x-77-nzt-ray: LIV3rgOwgL4
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 607565
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 scripts.js Show response
1111210941.rsc.cdn77.org/static/common/_v1.0.0/js/ 5 KB
2 KB 52ms
16ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/js/scripts.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 549112bc130160ae62719497e057e28f50879c18d927de9b411255a20270ba0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BALAjv/TUUJAA
x-accel-expires: @1650721825
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: W/"623923d3-12fc"
last-modified: Tue, 22 Mar 2022 01:18:11 GMT
server: CDN77-Turbo
x-77-nzt-ray: Jg30ZJDk70E
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 607565
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
909 B 47ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb561cd233f45d1673411866767ddb162ee40503bc71195ef8f186ec41f97fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 12:42:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 18 Apr 2022 14:36:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Apr 2022 14:36:30 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 575ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6447b819f1671061eaef6eb9a388b162c8714aed75720e7e4a579f738e30cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28592
x-xss-protection: 0
server: sffe
etag: "1190 / 65 of 1000 / last-modified: 1650280021"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 18 Apr 2022 14:36:31 GMT

GET
H2 200 prebid_sb_202110.js Show response
1111210941.rsc.cdn77.org/common/js/common/ 184 KB
54 KB 33ms
33ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1111210941.rsc.cdn77.org/common/js/common/prebid_sb_202110.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b2cf31ca947be6dd3ff318d66b2a6eb397f2311490ea939ed9a663c7d5e729a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BDU2f7/8Z0KAA
x-accel-expires: @1650633597
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: W/"62392348-2de66"
last-modified: Tue, 22 Mar 2022 01:15:52 GMT
server: CDN77-Turbo
x-77-nzt-ray: MzJXJTaLe1g
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 695793
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 script.js Show response
powerad.ai/ 195 KB
43 KB 736ms
174ms Script
application/javascript 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/script.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: e992885dab71202942febe0f8b83cee04c5c927bb81945eed17d4e36f0cf42d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:31 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 16:52:41 GMT
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
etag: W/"30c39-18028fdc402"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 europe-cyberattack-results-to-massive-internet-outage-about-5-800-wind-turbines-went-offline.jpg
1734811051.rsc.cdn77.org/data/images/full/401589/ 37 KB
37 KB 156ms
144ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/images/full/401589/europe-cyberattack-results-to-massive-internet-outage-about-5-800-wind-turbines-went-offline.jpg?w=600?w=650
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: b11e900264ac2a22d330f85e58c35c9a5aec2e4c31cea86a09ffdac47a3ecf07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BBfbiHOiiYDAA
x-accel-expires: @1650378990
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: b9f9f374567d2e3790ea58e1fbee5238
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: 7kN1ktDctnM
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: REVALIDATED
x-age: 206474
x-77-pop: frankfurtDE

GET
H2 200 hacker.png
1734811051.rsc.cdn77.org/data/images/full/402762/ 307 KB
308 KB 158ms
146ms Image
image/png 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/images/full/402762/hacker.png?w=600?w=650
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 062ecbd849f34c394b50bb3e79020cb66a2092122114ffb6188535f0ba8952a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BDrjjTOFq8CAA
x-accel-expires: @1650378990
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: ae9bd2b084227d8c2afb18e4122b7532
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: DcNTevVE8r0
x-77-cache: HIT
content-type: png
cache-control: max-age=86400, public
x-cache: REVALIDATED
x-age: 175894
x-77-pop: frankfurtDE

GET
H2 200 5-2-billion-us-crypto-transactions-tied-to-common-ransomware-attacks-btc-as-the-most-used-cryptocurrency-fincen-says.jpg
1734811051.rsc.cdn77.org/data/images/full/394408/ 90 KB
90 KB 171ms
160ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/images/full/394408/5-2-billion-us-crypto-transactions-tied-to-common-ransomware-attacks-btc-as-the-most-used-cryptocurrency-fincen-says.jpg?w=594?w=650
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 6d35330fc69576358ebe546213c8e70b44fe1309e82f23b2a7955094ae2e9a24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BDuCU7OiSYDAA
x-accel-expires: @1650378990
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: aa0e69fbc01f38901f59792cbd91f865
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: 1NG74c6jbxs
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: REVALIDATED
x-age: 206473
x-77-pop: frankfurtDE

GET
H2 200 techtimes.com.1119383.js Show response
jsc.mgid.com/t/e/ 2 KB
1 KB 599ms
38ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6269ba7af84361388f3b6e85d9f0b5d89fbee738f358260665d99c00bbcc0a17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 4542
last-modified: Thu, 31 Mar 2022 13:46:59 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: M9YGCAM8XGMRZXDK
x-amz-id-2: P5XoIqKBq4lVoNXGUyY++zPZdCZ55iAL3pLVdDKNvg3FODrj9luHyEVi4dt3UtRTqRlI4PEFuSs=
cf-bgj: minify
server: cloudflare
etag: W/"2bb851dc8f203281ccea94daed65268f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6fde221769ab3a4d-CDG
expires: Mon, 18 Apr 2022 17:36:31 GMT

GET
H2 200 moon-wobble-2030-alarms-nasa-as-it-can-lead-to-extreme-floods-new-framework-can-predict-60-year-sea-level-scenarios.jpg
1734811051.rsc.cdn77.org/data/thumbs/full/403609/330/186/50/40/ 8 KB
8 KB 55ms
44ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/403609/330/186/50/40/moon-wobble-2030-alarms-nasa-as-it-can-lead-to-extreme-floods-new-framework-can-predict-60-year-sea-level-scenarios.jpg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 80817762a9d076e635e1eab0707b5a9d2c660dd6aeb0fa96f175afaed56f062e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BBjgCj/Ph0AAA
x-accel-expires: @1650371504
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: 0ed4b3ddf871626fa0f2b067b6e40394
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: /JUGRl24W9Y
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 7486
x-77-pop: frankfurtDE

GET
H2 200 google-quietly-launched-switch-to-android-iphone-app-for-apple-users-teasing-24-7-security-and-new-privacy-tools.jpg
1734811051.rsc.cdn77.org/data/thumbs/full/403608/330/186/50/40/ 25 KB
25 KB 54ms
44ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/403608/330/186/50/40/google-quietly-launched-switch-to-android-iphone-app-for-apple-users-teasing-24-7-security-and-new-privacy-tools.jpg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: fc21700b0b409748bd305ca9c4ee3ef3069bc1c50a286de7411bbf14b3294a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BAyq9v/KwMBAA
x-accel-expires: @1650312643
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: 04d6d9869ae8f4e63d663ee339e29b41
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: atrNHQ11NeE
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 66347
x-77-pop: frankfurtDE

GET
H2 200 elon-musk-shares-how-ukrainians-can-protect-starlink-terminals-as-spacexs-comms-systems-likely-targeted.jpg
1734811051.rsc.cdn77.org/data/thumbs/full/401514/330/186/50/40/ 14 KB
14 KB 54ms
44ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/401514/330/186/50/40/elon-musk-shares-how-ukrainians-can-protect-starlink-terminals-as-spacexs-comms-systems-likely-targeted.jpg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: e3b8b516725604d41a81c6a759bfc24b93daba139d712e6ad35e2ba4a8185e7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BAGx7z/KYMAAA
x-accel-expires: @1650345413
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: 4538b44a89e4fdad25e29528efbb87ff
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: B5PpiOkdUmI
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 33577
x-77-pop: frankfurtDE

GET
H2 200 samsung-galaxy-s22-ultras-zoom-feature-a-downgrade-compared-to-s21-ultra-heres-the-image-outputs.jpg
1734811051.rsc.cdn77.org/data/thumbs/full/403605/330/186/50/40/ 17 KB
17 KB 42ms
28ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/403605/330/186/50/40/samsung-galaxy-s22-ultras-zoom-feature-a-downgrade-compared-to-s21-ultra-heres-the-image-outputs.jpg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: ee47bfb6903b6360309f6ef74fba22799ead87bb8a72cbc317dcd4b3fdf75fbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BDE9Sn/KYMAAA
x-accel-expires: @1650345413
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: 10252415d9b2d6025e64b506e47eebd5
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: qnFqj6QeWhc
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 33577
x-77-pop: frankfurtDE

GET
H2 200 google.jpg
1734811051.rsc.cdn77.org/data/thumbs/full/357772/330/186/50/40/ 11 KB
11 KB 34ms
28ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/357772/330/186/50/40/google.jpg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: d41678a7cf1b53173fe95f15735b5163c678e84455ae595bf8b68e114d60aebe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BB1KIH/KH8AAA
x-accel-expires: @1650346438
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: 0a958462469f8bbe5ce3e51d3bb50d37
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: 6GizF8YqlwA
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 32552
x-77-pop: frankfurtDE

GET
H2 200 draganfly-chairman-and-ceo-cameron-chell-on-tech-times-exclusives-37-find-out-how-drones-change-the-way-of-rescue-mission.jpg
1734811051.rsc.cdn77.org/data/thumbs/full/403428/295/166/50/40/ 18 KB
18 KB 35ms
29ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/403428/295/166/50/40/draganfly-chairman-and-ceo-cameron-chell-on-tech-times-exclusives-37-find-out-how-drones-change-the-way-of-rescue-mission.jpg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: ff1f3fa12eef47fe065fa8cc8d7b6f313682db4f3b09bb32fd71561e93435d41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BAM/QH/zToBAA
x-accel-expires: @1650298401
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: cb5aedc24c6f907474d35b0ff096d445
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: B5dxcowh5Aw
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 80589
x-77-pop: frankfurtDE

GET
H2 200 how-to-fix-double-nat-issue-detecting-and-troubleshooting-guide.jpg
1734811051.rsc.cdn77.org/data/thumbs/full/403626/295/166/50/40/ 7 KB
8 KB 27ms
26ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/403626/295/166/50/40/how-to-fix-double-nat-issue-detecting-and-troubleshooting-guide.jpg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: d335cce79efdc8b59287b72e33cc52d6002da1d3d49201233bddecae402cbafd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BD5oDv/9YoAAA
x-accel-expires: @1650343417
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: 15c62c66b43ed2810569b7a108f14ed1
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: GtphzmzCPZs
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 35573
x-77-pop: frankfurtDE

GET
H2 200 cyberpunk-2077.png
1734811051.rsc.cdn77.org/data/thumbs/full/374653/295/166/50/40/ 98 KB
98 KB 28ms
27ms Image
image/png 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/374653/295/166/50/40/cyberpunk-2077.png
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 645ee12061794b2ae46fb95c147afb5ef99fd88a9d2f1d871fa48a4be86b0792

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BAca13/9YoAAA
x-accel-expires: @1650343417
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: 50345454e1ac0241ffc3c2ee95438768
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: F6KKivBCPB8
x-77-cache: HIT
content-type: png
cache-control: max-age=86400, public
x-cache: HIT
x-age: 35573
x-77-pop: frankfurtDE

GET
H2 200 paper-free-2022-guide-here-are-some-eco-friendly-digital-tricks-you-can-do.jpg
1734811051.rsc.cdn77.org/data/thumbs/full/403614/295/166/50/40/ 18 KB
19 KB 39ms
38ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/403614/295/166/50/40/paper-free-2022-guide-here-are-some-eco-friendly-digital-tricks-you-can-do.jpg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 19eee3da5d563e591962bef3ca132caf6ef1fd0a96ffc5412d291f02ad94938f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BAmSA7/aYsAAA
x-accel-expires: @1650343301
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: 54294bc6405bc9b2aac677ada32d260a
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: zgdA3v4anMQ
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 35689
x-77-pop: frankfurtDE

GET
H2 200 badge.gif
static.getclicky.com/media/links/ 241 B
382 B 29ms
29ms Image
image/gif 2606:4700::6810:a010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.getclicky.com/media/links/badge.gif
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c93b5f9c2d83611b9a9ba0333b0b499b385cdce2aee9edaac6daf8a134cf5555

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:30 GMT
cf-cache-status: HIT
age: 162089
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 241
last-modified: Wed, 13 Apr 2016 00:13:35 GMT
server: cloudflare
etag: "570d8f2f-f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6fde2213ec1423c7-ZRH
x-proxy-cache: HIT
expires: Sat, 23 Apr 2022 17:35:01 GMT

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
6 KB 98ms
30ms Script
text/javascript 2606:4700::6810:a010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ba72bbecea40fb39b1407b46add5eaa6674ad97e44426b2ac4b73025338b75e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 16 Apr 2022 17:34:48 GMT
server: cloudflare
age: 162102
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 23 Apr 2022 17:34:48 GMT
cache-control: max-age=604800
cf-ray: 6fde2212297823c7-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-proxy-cache: HIT

GET
H2 200 counter_ssl.js Show response
1111210941.rsc.cdn77.org/common/js/stat/ 743 B
592 B 13ms
13ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1111210941.rsc.cdn77.org/common/js/stat/counter_ssl.js?v=11
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 08895426c0d9a9330b4b4988d244fb0f964082f78b8a929db01792481c508e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BDCVDT/mzsJAA
x-accel-expires: @1650724307
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: W/"62392403-2e7"
last-modified: Tue, 22 Mar 2022 01:18:59 GMT
server: CDN77-Turbo
x-77-nzt-ray: 8t6br+CB3F0
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 605083
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 article_counter.js Show response
1111210941.rsc.cdn77.org/static/js/common/ 398 B
461 B 232ms
232ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1111210941.rsc.cdn77.org/static/js/common/article_counter.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a969f23d2a86a8fbe27e34999a42c0aae9d7b7c46f33113e040cf123077c5a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BBb1tj/TEUJAA
x-accel-expires: @1650721826
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: W/"62392310-18e"
last-modified: Tue, 22 Mar 2022 01:14:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: hnvyKbCdK10
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 607564
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 request.js Show response
script.anura.io/ 49 KB
17 KB 634ms
78ms Script
application/javascript 18.135.170.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2238638024&source=techtimes&campaign=personaltech%2Farticles&exid=anura_techtimes_1993688254064&callback=_anuraResFun&93715415353

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.135.170.242 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-135-170-242.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2204ecc1fc6846c6ec12a8b88427cd1b9b47955c11fb34ed27dd731655a7ff6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 14:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 135 KB
37 KB 456ms
25ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding: gzip
etag: 4abd427e43cd6822329a2c05539e321f
age: 870
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1TCMB7AQQYYYS9M77RTP
date: Mon, 18 Apr 2022 14:22:03 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: qvAOsG7AIu7Y_h3L3ttVuMZGE53oATJpxWspmHfpo2ti50XCtOV4UA==

GET
H2 200 logo.svg
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 2 KB
1 KB 28ms
28ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/logo.svg
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5b20151a1f3855739a388f05074c181072566416c06693a7d8c8fddacbd157f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BAxYTj/XUAJAA
x-accel-expires: @1650723089
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: W/"62392292-878"
last-modified: Tue, 22 Mar 2022 01:12:50 GMT
server: CDN77-Turbo
x-77-nzt-ray: xIqy2ySh7Pg
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 606301
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 social_facebook.svg
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 591 B
633 B 24ms
23ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/social_facebook.svg
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: eaa1d2a49cd9fb20ef40d866d1deecabee82db7146e40de17753c145bd557ea3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BBJYHL/EkUJAA
x-accel-expires: @1650721884
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: W/"62392310-24f"
last-modified: Tue, 22 Mar 2022 01:14:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: VyFxfIEztbo
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 607506
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 social_twitter.svg
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 1 KB
911 B 20ms
18ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/social_twitter.svg
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ec928563715656ae5bdf56bcc7215a4d1723c52158709bc2cc36e02af142d089

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BDU2t3/EkUJAA
x-accel-expires: @1650721884
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: W/"62392292-461"
last-modified: Tue, 22 Mar 2022 01:12:50 GMT
server: CDN77-Turbo
x-77-nzt-ray: 6r7gpblh8Uc
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 607506
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 534ms
19ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 414361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 19:30:30 GMT

GET
H2 200 icon_search2.svg
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 303 B
462 B 14ms
14ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/icon_search2.svg
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f1f8e52f3acb8c8ab4998465bbe11b70f7384ecd29c8f6450c9228a6ca2d0a65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BDy9hT/XUAJAA
x-accel-expires: @1650723089
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: W/"62392310-12f"
last-modified: Tue, 22 Mar 2022 01:14:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: 6VHYahnP8BA
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 606301
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 icon_search.svg
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 303 B
463 B 15ms
14ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/icon_search.svg
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9751f0e58ee1b5a83930fa22bf3b4562a3dd3d0424d2adb17423cc38d5cb847f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BCfZiT/4zAJAA
x-accel-expires: @1650727051
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: W/"62392310-12f"
last-modified: Tue, 22 Mar 2022 01:14:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: uYdN2j2uNCA
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 602339
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 social_desktop.gif
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 6 KB
6 KB 14ms
14ms Image
image/gif 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/social_desktop.gif
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4295a34f0395dfae8f8c9e24f12de869d9f7cadd1853f4888c09fba2cce1ca8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BBpLLH/5zsJAA
x-accel-expires: @1650724231
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: "62392310-1793"
last-modified: Tue, 22 Mar 2022 01:14:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: M6OaMi6PV7Q
x-77-cache: HIT
content-type: image/gif
x-cache: HIT
x-age: 605159
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 6035

GET
H2 200 icon-split.png
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 16 KB
16 KB 18ms
18ms Image
image/png 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/icon-split.png
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 55937ee52d6d7e8746015398bf3a77e7a3d0c62c622766b9707402368d3181bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BDoVx//XUAJAA
x-accel-expires: @1650723089
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: "62392310-3e9b"
last-modified: Tue, 22 Mar 2022 01:14:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: wdBRJJhMxUM
x-77-cache: HIT
content-type: image/png
x-cache: HIT
x-age: 606301
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 16027

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 521ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 01:31:09 GMT
x-content-type-options: nosniff
age: 306322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 01:31:09 GMT

GET
H2 200 logo2.svg
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/logo2.svg
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b37528b8edfca9b4c56e243195e0f48b6a83878d30dca3c4eb67e530ad3b4428

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BBTyC7/PEgJAA
x-accel-expires: @1650721074
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: W/"623923d3-861"
last-modified: Tue, 22 Mar 2022 01:18:11 GMT
server: CDN77-Turbo
x-77-nzt-ray: KXQtNtZE4ag
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 608316
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 social_facebook2.svg
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 591 B
631 B 14ms
14ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/social_facebook2.svg
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4d6c0441395a79f993612963489cf57d905fd2e938df3847cb5aa4595ac8e75b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BAFbCX/PEgJAA
x-accel-expires: @1650721074
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: W/"62392297-24f"
last-modified: Tue, 22 Mar 2022 01:12:55 GMT
server: CDN77-Turbo
x-77-nzt-ray: vLRuLAX55HM
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 608316
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 social_twitter2.svg
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 1 KB
910 B 15ms
14ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/social_twitter2.svg
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 99a5efd3d1c088c308da63f299791db08c40cf8e1da421f30399ce8a9bed36ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-77-nzt: Abk73BAubZD/5DsJAA
x-accel-expires: @1650724234
date: Mon, 18 Apr 2022 14:36:30 GMT
via: 1.1 google
etag: W/"6239230d-461"
last-modified: Tue, 22 Mar 2022 01:14:53 GMT
server: CDN77-Turbo
x-77-nzt-ray: T6N2pthhFw0
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 605156
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 413ms
20ms Script
application/javascript 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:31 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 25 Apr 2022 14:36:31 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 375ms
0ms Script
application/javascript 143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 02:43:29 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 42783
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: eKhjpZAN6moC8ogNYXLNQHkvvVD36KEdHCpWBkduOuhK-ADCl7A-nA==

GET
H2 200 counter_gif.gif
stat.techtimes.com/stat/ 180 B
180 B 520ms
128ms Image
image/gif 35.190.31.133
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.techtimes.com/stat/counter_gif.gif?article_id=274335&w=1600&h=1200&ref=https://t.co/
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.31.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 133.31.190.35.bc.googleusercontent.com
Software: nginx/1.14.2 / PHP/7.2.18
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:31 GMT
via: 1.1 google
content-type: image/gif
server: nginx/1.14.2
x-powered-by: PHP/7.2.18
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 405ms
26ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-41574041-1

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef89d02c630618782c192f51f7a2e05648009e950f6417ad26da708edef62645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38603
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 14:36:31 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 390ms
13ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f448860b7cb1a5a1937290f5660ece771bb2dd88ab5192108856184af7b4c200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: wxrUQxJxT9FfHNWkuIIcdQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: y1427qd2fp01jsuJR76QxBSQlQ4i+NyYQLEjXrj7R0EXYHuPOk3HEXd5a+xQibwC5eeGSPUQxqEqG++FZzbXPw==
x-fb-trip-id: 686109401
x-fb-content-md5: ce05d1569b4ba1f226eb5dfa88ac720c
x-frame-options: DENY
date: Mon, 18 Apr 2022 14:36:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6ffed50b91722095d77583878913bc89"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 18 Apr 2022 14:46:35 GMT

GET
H2 200 in.php Show response
in.getclicky.com/ 240 B
419 B 566ms
153ms Script
text/javascript 198.145.13.13
DF-PTL01

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=100661543&type=pageview&href=%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&title=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex&ref=https%3A%2F%2Ft.co%2F&res=1600x1200&lang=en-US&tz=Etc%2FUnknown&tc=&ck=1&mime=js&x=0.10612820959911007
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.13 Portland, United States, ASN2044 (DF-PTL01, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: fbcc0b1e2e737dd48997a140ae6e034d6e1479652e0b2eac58df1344bacd2e1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:31 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=19747886&ns__t=1650292591267&ns_c=UTF-8&cv=3.5&c8=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&c7=https%3...
https://sb.scorecardresearch.com/b2?c1=2&c2=19747886&ns__t=1650292591267&ns_c=UTF-8&cv=3.5&c8=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&c7=https%...

0
187 B

13ms
11ms

Image
text/plain

143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=19747886&ns__t=1650292591267&ns_c=UTF-8&cv=3.5&c8=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&c7=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&c9=https%3A%2F%2Ft.co%2F
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:31 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 0fieAYP5KK22yllGAO1AxHJJbcHnFt94cC7M_eLgG_4st0vdsX11fg==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=19747886&ns__t=1650292591267&ns_c=UTF-8&cv=3.5&c8=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&c7=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&c9=https%3A%2F%2Ft.co%2F
date: Mon, 18 Apr 2022 14:36:31 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-length: 0
x-amz-cf-id: fNzM74uLyKWjL8UslLZmlFXNYNtDAHcc4DRoDPcpOiSE7Nyet71h4A==
x-cache: Miss from cloudfront

GET
H2 200 pubads_impl_2022041201.js Show response
securepubads.g.doubleclick.net/gpt/ 369 KB
126 KB 43ms
7ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 12:51:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127945
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 08:36:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 18 Apr 2023 12:51:16 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 462 B
830 B 44ms
16ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.techtimes.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6949cfebe4764b7ccc671e10c550b3c7e0c58a139444513d6d8afe4a92fbe92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 14:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0
expires: Mon, 18 Apr 2022 14:36:31 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 12ms
11ms XHR
text/plain 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.techtimes.com&pubid=10f2e1c5-d495-4ec1-a8e3-2556d5c64ce9
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 10:11:41 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
server: Server
age: 15889
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.techtimes.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: JAel5xkSWdmXIETh2dDmmofLxccAiN8Zv4ZFhYDALz3oL-kxTWfN_g==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
492 B 109ms
109ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&pr=https%3A%2F%2Ft.co%2F&pid=trP2HawM9EQgj&cb=0&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22gpt_top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F21697271410%2Ftechtimes%2Fpersonaltech%2Farticles%22%7D%2C%7B%22sd%22%3A%22gpt_right1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22400x300%22%5D%2C%22sn%22%3A%22%2F21697271410%2Ftechtimes%2Fpersonaltech%2Farticles%22%7D%2C%7B%22sd%22%3A%22gpt_right2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F21697271410%2Ftechtimes%2Fpersonaltech%2Farticles%22%7D%2C%7B%22sd%22%3A%22gpt_right3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F21697271410%2Ftechtimes%2Fpersonaltech%2Farticles%22%7D%2C%7B%22sd%22%3A%22gpt_bottom%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21697271410%2Ftechtimes%2Fpersonaltech%2Farticles%22%7D%5D&pubid=10f2e1c5-d495-4ec1-a8e3-2556d5c64ce9&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:31 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: ZDCARJ1HEK9GJB049ASG
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.techtimes.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: WVfDY5GAabu656M2dPyJ3BcmHG_EstAsX5Ug0qgTgYqP2kF83ClUcg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 31ms
13ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 42814
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
date: Mon, 18 Apr 2022 02:42:57 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: BEdIDFJgOIge2TI6z8QmsXZVTiqzEL3M9a1hcLQJ6HloVfqiWkaA3A==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 289 KB
82 KB 20ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0e7c91d676ce2c9c84383925b821af9b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7c4de0eb600d35e53daf51677ae15c1fe01c48f0c5a1ee98c14d8de41e42e479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: AtSkZGmrkYnx2Zx81uF3MA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84327
x-fb-rlafr: 0
x-fb-debug: 2vye9OAHLyX/SjQEsmYhz4YnBTCKe54XnBQdDeGrLK3Lmy35fhNbImkMCJMEc0pjN1sKChyVbOcXPabtxt8Sqg==
x-fb-content-md5: 8fcc8446cce707af449fd40d0206204f
x-frame-options: DENY
date: Mon, 18 Apr 2022 14:36:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "b779b82f822ed5385512cbec5db6c571"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 18 Apr 2023 12:17:17 GMT

GET
H2 200 rules-p-LfaarYPdxYFdP.js Show response
rules.quantcount.com/ 3 B
439 B 41ms
9ms Script
application/javascript 2600:9000:2156:9c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-LfaarYPdxYFdP.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:50:43 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
age: 38749
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:29:28 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: eSDUn3aDUvrJgLG7VWJXzwaoJMeyRHXltP6jrIvl71evlfIkqzLjag==

GET
H3 200 techtimes.com.1119383.es6.js Show response
jsc.mgid.com/t/e/ 234 KB
69 KB 53ms
39ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 933fef7833027f0987904ee28c6e8f4cc94a72ecb28f94657316253c8102fe23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 3659
last-modified: Fri, 15 Apr 2022 10:31:05 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EJQ48C4Z1ER40N7N
x-amz-id-2: KxZPZ2kZd+piUTBGbThXf15BAmjb+FPm/+RQb5qgzIoNAv5NGDtA9xnJHUYXjnOOF8Z2YK4MiPE=
cf-bgj: minify
server: cloudflare
etag: W/"c82a86016c9f66c4b310990024fc95d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6fde2217f81a91de-FRA
expires: Mon, 18 Apr 2022 17:36:31 GMT

GET
H2 200 showads.js Show response
ads.anura.io/ 0
351 B 59ms
7ms XHR
application/javascript 143.204.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.anura.io/showads.js?296811451295
Requested by: Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2238638024&source=techtimes&campaign=personaltech%2Farticles&exid=anura_techtimes_1993688254064&callback=_anuraResFun&93715415353
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-109.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 14:47:59 GMT
content-encoding: gzip
server: nginx
age: 85712
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: gdTaPzRwVUVmposBPlR2D3o2OxjlNvK8i-3pfYB8uhUH_dbhU57Tlw==
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 177ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41574041-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1160
date: Mon, 18 Apr 2022 14:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 18 Apr 2022 16:17:11 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 153ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.techtimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 14:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 154ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.techtimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 14:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 144 KB
19 KB 467ms
449ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2126749961817601&correlator=2973701099426060&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fifs&iu_parts=21697271410%2Ctechtimes%2Cpersonaltech%2Carticles&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250%2C300x250%7C300x600%7C400x300%2C300x250%7C300x600%7C160x600%7C300x1050%2C300x250%7C300x600%7C160x600%2C728x90%2C1x1%2C1x1&ifi=1&adks=1577784758%2C3836433192%2C2595408385%2C3351343851%2C1583772871%2C1492474528%2C1492474529&sfv=1-0-38&ecs=20220418&ists=3&fsapi=false&prev_scp=pos%3Dtop%7Cpos%3Dright1%7Cpos%3Dright2%7Cpos%3Dright3%7Cpos%3Dbottom%7Cpos%3Doop1%7Cpos%3Doop2&eri=1&cust_params=article_id%3D274335%26NoPassAN%3DN&sc=1&cookie_enabled=1&abxe=1&dt=1650292591547&lmt=1650292591&dlt=1650292590221&idt=1280&biw=1600&bih=1200&adxs=315%2C1032%2C-9%2C-9%2C-9%2C0%2C165&adys=130%2C362%2C-9%2C-9%2C-9%2C4554%2C3778&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&ref=https%3A%2F%2Ft.co%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1270x0%7C403x0%7C0x-1%7C0x-1%7C0x-1%7C1600x0%7C836x0&msz=970x0%7C403x0%7C0x-1%7C0x-1%7C0x-1%7C1600x0%7C836x0&fws=0%2C0%2C2%2C2%2C2%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1056736256.1650292592&ga_sid=1650292592&ga_hid=91100559&ga_fc=false&btvi=0%7C0%7C-1%7C-1%7C-1%7C1%7C2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0a815cc128e3412d2fcf3fa0a93a9c4bc0cfa7c4fcd7db39bb28b53732011029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19078
x-xss-protection: 0
google-lineitem-id: -1,-1,-2,-1,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2,-1,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.techtimes.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6b4c166c81dc766c5081c583070100d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 415A 6 KB
4 KB 70ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6b4c166c81dc766c5081c583070100d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 14:36:31 GMT
expires: Tue, 18 Apr 2023 14:36:31 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel;r=1232618309;rf=0;a=p-LfaarYPdxYFdP;url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm;ref=https%3A%2F%2Ft.co%...
pixel.quantserve.com/ 35 B
372 B 20ms
14ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1232618309;rf=0;a=p-LfaarYPdxYFdP;url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm;ref=https%3A%2F%2Ft.co%2F;uh=a3b95c38a4fe7929a7139a63870af8a02e7a0d898d428d1fe62837e32fd6c97c;uht=0;fpan=1;fpa=P0-1823958545-1650292591591;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;d=techtimes.com;je=0;sr=1600x1200x24;dst=0;et=1650292591591;tzo=0;ogl=type.article%2Curl.https%3A%2F%2Fwww%252Etechtimes%252Ecom%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attack%2Csite_name.Tech%20Times%2Cimage.https%3A%2F%2F1734811051%252Ersc%252Ecdn77%252Eorg%2Fdata%2Fimages%2Ffull%2F401589%2Feurope-cyberattack-resu%2Ctitle.Wind%20Turbine%20Company%20Nordex%20Is%20The%20Latest%20Victim%20Of%20The%20Conti%20Ransomware%20Group%2Cdescription.The%20Conti%20ransomware%20group%20has%20targeted%20wind%20turbine%20company%20Nordex%20in%20a%20recent%20

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 14:36:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 /
reporting.powerad.ai/ 2 B
272 B 297ms
95ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.techtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 18 Apr 2022 14:36:31 GMT
server: nginx/1.14.0 (Ubuntu)
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 detect-aau Show response
powerad.ai/ 2 B
214 B 429ms
94ms Fetch
text/plain 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/detect-aau?ch=2
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 detect-aau Show response
powerad.ai/ 2 B
214 B 429ms
95ms Fetch
text/plain 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/detect-aau?ch=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame E086 178 KB
58 KB 93ms
18ms Script
text/javascript 2.20.157.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by: Host: t.co
URL: https://t.co/8SLKZzXSWc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-2.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 66ea91a01b97feca3757a3ff16e3782973b559b2d4cbe79f7704e91607f9aa47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:31 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 19:14:10 GMT
server: Apache/2.2.15 (CentOS)
etag: "10a1110-2c888-5cfd3192c4545"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=143828
accept-ranges: bytes
content-type: text/javascript
content-length: 58379
expires: Wed, 20 Apr 2022 06:33:39 GMT

GET
H2 200 pbjs_wrapper.v1.1.js Show response
hb.brainlyads.com/ Frame E3E7 38 KB
12 KB 845ms
119ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v1.1.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7852ee64c59c579042dca0b1136eae6d5f044e5e6c17323d9a091d23e51294b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 09:08:13 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"624d587d-96aa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Wed, 20 Apr 2022 14:36:32 GMT

GET
H2 200 pbjs_wrapper.v2.0.js Show response
hb.brainlyads.com/ Frame 8A6D 44 KB
13 KB 1024ms
309ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v2.0.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

6837ee5bbfe3f66ce807e7273d8c022f1e3e64cae80fb2172b1a28ec2758086c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
content-encoding: gzip
last-modified: Mon, 28 Mar 2022 15:20:39 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"6241d247-b053"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Wed, 20 Apr 2022 14:36:32 GMT

GET
H2 200 / Show response
powerad.ai/pubPls/ 17 KB
3 KB 598ms
598ms XHR
text/html 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 4994ee56e5bc27636d5757b2f566a11a4e293ae290b78426175a5c556a3257f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
etag: W/"440e-vtMm6S5TQpirM7j9Wpf0JFHAE9w"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.techtimes.com
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 prebid.js Show response
hb.brainlyads.com/ Frame E086 562 KB
167 KB 1111ms
499ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/prebid.js

Requested by

Host: t.co
URL: https://t.co/8SLKZzXSWc

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fbf61190d1dead1c640200707864416b7c7a73fffd52061f62909740490c5561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 10:40:26 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"6254059a-8c65b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Wed, 20 Apr 2022 14:36:32 GMT

POST
H2 200 response.json Show response
script.anura.io/ 80 B
430 B 116ms
74ms XHR
application/json 18.135.170.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2238638024&source=techtimes&campaign=personaltech%2Farticles&exid=anura_techtimes_1993688254064&callback=_anuraResFun&93715415353

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.135.170.242 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-135-170-242.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3f8749814f274cfc18099a4d3c55d6a119b3067f4c34edebafc74e36005550fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 14:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 38ms
20ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=91100559&t=pageview&_s=1&dl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4ChAAUABAAAAAC~&jid=1580227348&gjid=452245724&cid=1056736256.1650292592&tid=UA-41574041-1&_gid=616284209.1650292592&_r=1&gtm=2ou4d0&z=1908046242

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 14:36:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.techtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=91100559&t=event&_s=2&dl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=article&ea=article3&_u=4ChAAUABAAAAAC~&jid=&gjid=&cid=1056736256.1650292592&tid=UA-41574041-1&_gid=616284209.1650292592&gtm=2ou4d0&cd1=Raphel%20Barnachia&cd2=News&cd3=Tech&cd4=article&cd5=&cd6=274335&z=276242814

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 11:54:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9735
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 427ms
17ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-41574041-1&cid=1056736256.1650292592&jid=1580227348&gjid=452245724&_gid=616284209.1650292592&_u=4ChAAUAAAAAAAC~&z=1404078894

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 18 Apr 2022 14:36:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.techtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 9341 222 KB
62 KB 330ms
12ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 184463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Apr 2023 11:22:09 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 9341 16 KB
6 KB 371ms
53ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 184463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Apr 2023 11:22:09 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 9341 96 KB
29 KB 360ms
42ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 184463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Apr 2023 11:22:09 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 9341 5 KB
2 KB 359ms
42ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 184463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Apr 2023 11:22:09 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 9341 42 KB
13 KB 362ms
45ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 184463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Apr 2023 11:22:09 GMT

GET
DATA 200
OK truncated
/ Frame 9341 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e3f34e858774d3150691657e4739907593a5d82929371fbc37034bbecbc63e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 7FA1 222 KB
61 KB 325ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 184463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Apr 2023 11:22:09 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 7FA1 16 KB
6 KB 55ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 184463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Apr 2023 11:22:09 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 7FA1 96 KB
29 KB 53ms
11ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 184463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Apr 2023 11:22:09 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 7FA1 5 KB
2 KB 52ms
11ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 184463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Apr 2023 11:22:09 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 7FA1 42 KB
13 KB 48ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 184463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Apr 2023 11:22:09 GMT

GET
DATA 200
OK truncated
/ Frame 7FA1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 890455fc1365d4ebfefe979ec4ac3ec08c43505d348358361164714cb390b8b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 10654937394343592882
tpc.googlesyndication.com/daca_images/simgad/ Frame 9341 104 KB
104 KB 345ms
40ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10654937394343592882

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce6b19936178028f2ee1c36e25a766fed720c9c8711183b1733455f93b3d2b55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 16:02:50 GMT
x-content-type-options: nosniff
age: 81222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106188
x-xss-protection: 0
last-modified: Sun, 03 Apr 2022 15:03:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Apr 2023 16:02:50 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9341 2 KB
3 KB 337ms
32ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 70604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 18 Apr 2022 18:59:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9341 295 B
353 B 315ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 31978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 19 Apr 2022 05:43:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9341 0
0 323ms
20ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOptZ0IH_ewpqSJy1w2ddsFtJ4hSvyxIfu_GAeTSVjKrr7NQIiOtzUisuzM0w9fUnfQ6-a
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9341 0
0 63ms
62ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4EGFb3ddYu7BJpLD3gOc-rGQCajCusxpkoq28Y8P05KUz78uEAEg3vWGhAFgldqigrAHoAGG76uVAsgBAuACAKgDAcgDCKoE0wJP0FQ6OcUFuGD3P5KPPFyn5CqIaUzi7DbejfPT0jhzykfcApAiZEwQLJHHGYxoQ5dd34t6jORq9GErQOwOgmjUSa_AnIWE25RZG8E-gaYm6oE85ElODE3Pp_9uFJz7WHmlD0r3YKZcnFPXy9X-OfDB2I5CzSjdbbYpWIOr54AEytC0_DniN55UnNtomYsyAdgATMslEt13b6cSf6l2OYJucaHXDGvKmCQnz1yPgmIUOo4pPYrXxb_c7dgVPdeGQhbnAUeLyTBZkJVx7mDYWjzAzFiBcvwXeO3wcyaYxv_RfpYaZPbHF6x72Ve8xcqLaSbIgT06fA5CiKKxq9w8D4ogaApkJeGHTqN1q6DGpH8KqX_LZutft52QKpYnC3Df_HUJIe-XnTFizmGafhSPIOscl0LQAJvqvlOmCE8qPCnYdnWGytVgCIFvhWgAGUL_CnYCCc_ABJHFtYnrA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfikNTqAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOi8GNIICQiI4YBwEAEYHYAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi00OTcxOTQ5NDAzNjAyNTA5GL6VbA&sigh=bpXwc0lqqKY&uach_m=[UACH]
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 9995209023773814442
tpc.googlesyndication.com/daca_images/simgad/ Frame 7FA1 84 KB
84 KB 314ms
12ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9995209023773814442

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

898e41fe0925e206f450a122f6cfae749346a81f1bf492bc6ad15e47b5fdf90b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 16:01:41 GMT
x-content-type-options: nosniff
age: 513291
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85856
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 08:00:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Apr 2023 16:01:41 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7FA1 2 KB
3 KB 324ms
29ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 70604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 18 Apr 2022 18:59:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7FA1 295 B
757 B 302ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 31978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 19 Apr 2022 05:43:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7FA1 0
0 318ms
23ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKHiVXwbrirgff4LHmEWlFGjo6Rswo3kZqkotzCfvXx1afPp--MY_7yigdQHlcAlnEwZIk
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7FA1 0
0 62ms
62ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CfT87b3ddYu_BJpLD3gOc-rGQCajCusxpqb2HwPQPiIXJmYsuEAEg3vWGhAFgldqigrAHoAGG76uVAsgBAuACAKgDAcgDCKoE1gJP0GrZzJbogQ-S0EPujeoE4CwX7ulhZuDnh03iqOGol72LW-DOjet9CPc-BBYe6NoYv877iK8hhofD_KCfWFBCMCu8VSml9MtYMuf3VIibS0rIKJODSijnO7izgMV-VVK3G3sO2rJdBYhSmg6I3RvAmrsnVwPddgRHvIww83yknI37n_JQjVI4RFBxuAidtKWEpbstAJKwu3f4d08Ali8m2zOSiFmAutblqcwnA7yl9Tu1hpVsOAAF58Xd5mjJNUrQVGZblqTpiXHSlAkQr4BLbmvC9d9D60fQ_zmjmtDEX27VFAtz7Ahbwxda-RVwuEDchpyterEEAVsJ9kqjdw2gMyisFR-dKDupUwOMTL3DMEfCd__fulMPX45I69chkXgfvXvVlaaWjMvTWdpnWSJNMBlMdPAazFeqrOXLxJTVmsJ0hJ-pbKqYKxmyIgYHmN8MCq-qslnABJHFtYnrA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfikNTqAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEObMI9IICQiI4YBwEAEYHYAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi00OTcxOTQ5NDAzNjAyNTA5GL6VbA&sigh=qOUFAFFil9g&uach_m=[UACH]
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 Hc6PdfQeAi.js Show response
pixel.zprk.io/v5/pixeljs/ 3 KB
3 KB 658ms
168ms Script
text/plain 18.136.115.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.136.115.17 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-115-17.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 2753
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: text/plain;charset=UTF-8

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 35ms
19ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-167135943-23

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21471df21aa9139cd02a28824b81e1eeab2735b14e35a3aeaae7f1a976a2057d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38558
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 14:36:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 35ms
20ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-167135943-23&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41574041-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

89afba0508f20aa2bcb817c8d62411280d04e4230d4f51d92db74e0f509760b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38571
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 14:36:32 GMT

GET
H2 200 251 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
4 KB 503ms
176ms Script
application/javascript 54.71.105.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&ref=https%3A%2F%2Ft.co%2F
Requested by: Host: t.co
URL: https://t.co/8SLKZzXSWc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.105.247 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-105-247.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: bf45a7baa72be7417cc074173e88f566b7b9759e07f1dc502f71c0d7b186a638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 14:36:32 GMT
cross-origin-resource-policy: cross-origin
server: nginx/1.18.0
content-length: 3216
content-type: application/javascript

GET
H2 200 / Show response
c.mgid.com/pv/ 0
67 B 120ms
111ms Script
text/plain 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1650292592298294246247&uniqId=10e66&childs=1121456&lct=1649980800&niet=4g&nisd=false&jsv=es6&ref=https%3A%2F%2Ft.co%2F&cxurl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&pr=t.co&lu=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&sessionId=625d7770-0a4d6&pageView=1&pvid=1803d1a8eaaa108af53&site=703692&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6fde221dfc023a4d-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 58ms
21ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
content-encoding: br
cf-cache-status: HIT
age: 6537
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DJP6Q2HS6NM4T7YG
x-amz-id-2: ZAoSOqz/X4IvFNSmYd0WY6KbgxX1iDvTdKX4TmK0uGvhQH8tiXz1RKSOQ2m2AOwWtJj/U/Y/rSo=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6fde221ebd1d3a4d-CDG
expires: Tue, 19 Apr 2022 14:36:32 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
811 B 65ms
32ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
content-encoding: br
cf-cache-status: HIT
age: 6537
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DJP01FZKCZY7G9VX
x-amz-id-2: uOdNmPUyX5rxeTMq1JVTsGxy4pyeIveFxAXg+2rpk4+Su/0spmqj0URmYXCoipH2NoLBO+q/SD0=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6fde221ebd1f3a4d-CDG
expires: Tue, 19 Apr 2022 14:36:32 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
27ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=91100559&t=pageview&_s=1&dl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Conti%20Ransomware%20Group%20Attacks%20Wind%20Turbine%20Company%20Nordex%20%7C%20Tech%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CjAAUABAAAAAC~&jid=804850249&gjid=1852360546&cid=1056736256.1650292592&tid=UA-167135943-23&_gid=616284209.1650292592&_r=1&gtm=2ou4d0&z=1111426625

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 14:36:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.techtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 70ms
32ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41574041-1&cid=1056736256.1650292592&jid=1580227348&_u=4ChAAUAAAAAAAC~&z=223943816

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 14:36:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 60ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41574041-1&cid=1056736256.1650292592&jid=1580227348&_u=4ChAAUAAAAAAAC~&z=223943816

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 14:36:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1119383/ 12 KB
4 KB 55ms
41ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1119383/1?pv=5&cbuster=1650292592403568721158&uniqId=10e66&childs=1121456&lct=1649980800&niet=4g&nisd=false&jsv=es6&w=836&h=5756&maxw_7=336&maxh_7=370&ident_p=true&cols=1&ref=https%3A%2F%2Ft.co%2F&cxurl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&pr=t.co&lu=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&sessionId=625d7770-0a4d6&pageView=1&pvid=1803d1a8eaaa108af53&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 136ef2eacfd51b14c2100cfd47e56897880900082f4de6083a84d32630b3414f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 6fde221ecd2b3a4d-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 38ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-167135943-23&cid=1056736256.1650292592&jid=804850249&gjid=1852360546&_gid=616284209.1650292592&_u=6CjAAUABAAAAAC~&z=1182505487

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 18 Apr 2022 14:36:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.techtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 9341
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

119ms
95ms

Image
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date: Mon, 18 Apr 2022 14:36:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 7FA1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

133ms
130ms

Image
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date: Mon, 18 Apr 2022 14:36:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTM3LHlfNDk0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lOGE2N...
s-img.mgid.com/g/11739842/680x385/-/ 22 KB
23 KB 48ms
18ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739842/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTM3LHlfNDk0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lOGE2NWU4NjU5ZjcxOWZiMTFmNDMzNmZhZDIyZTNkZS5qcGc.webp?v=1650292592-PYobG8XzR7JjMNrqN9-YyxSl3BWEiDm-y3Ume_pxbjI
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0331b1bdc2a7a3b68aebae09c2aea659b209e6f045aa07cb5980eb70ccf1d51b

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 13:33:31 GMT
x-mg-request-uuid: e0e90972-eb90-4858-8b37-06813a5bbf9d
age: 166248
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fde221fab265c32-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22796
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDk1LHlfNjY2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC81NGVkZ...
s-img.mgid.com/g/11533312/680x385/-/ 81 KB
82 KB 70ms
40ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533312/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDk1LHlfNjY2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC81NGVkZjgyMGI3ZjUxMDU0N2I1YTY4MjBhODU1NzAxNC5qcGVn.webp?v=1650292592-7uAc_HTGD53u5h634nji9VPASkrzFD9NcQ7Vs_prh70
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e36542940f576f91f4b9755e161e80189894ae362c0c426df3b3bc000b65c05

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:35:22 GMT
x-mg-request-uuid: fd5ecacc-f165-4599-a17f-68deee87a3bf
age: 640058
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fde221fab275c32-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83284
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMTMvMTAxOTI0LzViYTFmYTdkMmIwOGM2YWI2OGQzOWYzNDkwNWM0NTQ5LmpwZz90PTE0OTczNzU2MjM3Mjg.webp
s-img.mgid.com/g/3805446/680x385/0x56x1369x912/ 12 KB
13 KB 69ms
39ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805446/680x385/0x56x1369x912/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMTMvMTAxOTI0LzViYTFmYTdkMmIwOGM2YWI2OGQzOWYzNDkwNWM0NTQ5LmpwZz90PTE0OTczNzU2MjM3Mjg.webp?v=1650292592-_mrVRhhlZq1AYmHkn7iJCJdRDG27hyDEGAnPGqaB-4Q
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6f88d08546b3a1e39133cc702ff76e9f713a38563c825a824e612fb2154c316

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:59:55 GMT
x-mg-request-uuid: 890c0755-8e5c-4652-899c-6e2f00c8cb95
age: 1229407
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fde221fab285c32-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12580
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0L2E5YjA2ZGIwNTdmZmNjNjg0ZmQyM2M4MGE5YzEzOGM4LmpwZWc.webp
s-img.mgid.com/g/4723158/680x385/78x0x660x440/ 10 KB
10 KB 56ms
26ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4723158/680x385/78x0x660x440/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0L2E5YjA2ZGIwNTdmZmNjNjg0ZmQyM2M4MGE5YzEzOGM4LmpwZWc.webp?v=1650292592-1oN462Nhrbk9uf6CmHLR65sGLT1oImdlNtHV4vWJDWE
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e48ea5b8bc65206eac26eed1807d9573f44bbf14f853cff99a2d1b2928952bad

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:51:54 GMT
x-mg-request-uuid: 3db66f93-5545-46ca-8272-bb118c3daf54
age: 1230246
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fde221fab2f5c32-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10190
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMjYvMTAxOTI0L2RhZWFmZmE3ZWE5ZDJiYTA3OTgwMjc3MzkzMmFhYzFlLmpwZz90PTE0OTMyMzY5MzE4MzA.webp
s-img.mgid.com/g/3805535/680x385/0x0x492x328/ 15 KB
15 KB 56ms
27ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805535/680x385/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMjYvMTAxOTI0L2RhZWFmZmE3ZWE5ZDJiYTA3OTgwMjc3MzkzMmFhYzFlLmpwZz90PTE0OTMyMzY5MzE4MzA.webp?v=1650292592-gs4KRR96KK2qXrocPE4R1ssNfGpQ5iKsaI-cFzDIceA
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77f44daa71b6da27e1e1a96cf63431d35e916f752b1b5bae6fca55e7190b2970

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 16:30:02 GMT
x-mg-request-uuid: 453de14f-9c3d-4f9b-9ac0-cda74bfb0cfc
age: 1230275
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fde221fab315c32-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15294
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzliODg2OTUyMjI1ZmFmODkxYzFhOThmN2IyYTU3YjJiLmpwZWc.webp
s-img.mgid.com/g/6288106/680x385/0x0x701x467/ 18 KB
19 KB 54ms
25ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6288106/680x385/0x0x701x467/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzliODg2OTUyMjI1ZmFmODkxYzFhOThmN2IyYTU3YjJiLmpwZWc.webp?v=1650292592-ADfxPb5DEiJg0UKob6mctEoKrgEg6jrswLpPzVLYpW4
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8540a450365640543a3511a5059db2cf6467e32e300a5b0882dc2958fd549ab

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 16:01:45 GMT
x-mg-request-uuid: 09ddaf8b-082c-4474-9e9f-77442fae2fc9
age: 1230524
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fde221fab2b5c32-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18826
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMDE5MjQvNjVjZmY1MDUxYzNmNzIyZ...
s-img.mgid.com/g/12581139/680x385/-/ 20 KB
21 KB 2276ms
2124ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12581139/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMDE5MjQvNjVjZmY1MDUxYzNmNzIyZmI4YjllMWIyYjgxYjM5NjYuanBlZw.webp?v=1650292592-TBi27BB8c1WuRPEo3dRvemp4ErZdajwqqHrRS_OdoNc
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2a15a5997b69b2d31b338ab039e409cc83421594f75ee454e7ef60ea6732c02

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 10:14:19 GMT
x-mg-request-uuid: 12307933-4ed3-45b9-80c9-075856f5d6e8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fde2220d88b3ac8-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20542
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzcyZjhjOWRkYTZlN2ExZWU2MGFjYTU3N2YwNjBmMDFjLmpwZWc.webp
s-img.mgid.com/g/3860766/680x385/0x13x750x500/ 17 KB
17 KB 203ms
50ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3860766/680x385/0x13x750x500/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzcyZjhjOWRkYTZlN2ExZWU2MGFjYTU3N2YwNjBmMDFjLmpwZWc.webp?v=1650292592-e3XSMdgX_7qYZN4TJHSEJMqWov71HDwD8squ0RNuwlc
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 930e2991750b597d4b9f7edcb76696ff69be64c08a305dac443d0813956ffbd6

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 16:51:15 GMT
x-mg-request-uuid: 028d21d8-5a63-4259-8435-760279296648
age: 23600
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fde2220d8893ac8-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17116
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDg0LHlfMzg0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC82NDAxY...
s-img.mgid.com/g/11739875/680x385/-/ 30 KB
31 KB 2180ms
2027ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11739875/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDg0LHlfMzg0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC82NDAxYTgxZjc0Y2I2NzM5NzVkZjBlYzQ1ZGRmMDdlYS5qcGc.webp?v=1650292592-bcANcwcX96p-4Kt2tE023Sp4JUpFm4S_0dNLVqmsTsI
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5364b83d886651bdb957ae2b6b559d339912896238e08f5b4cca1d941c403e4

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 15:17:57 GMT
x-mg-request-uuid: abd78de7-49bc-490f-8137-aaf330c779b8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fde2220d8873ac8-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30610
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDgyLHlfNDQ4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC81YmYxM...
s-img.mgid.com/g/10881049/680x385/-/ 34 KB
35 KB 182ms
31ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10881049/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDgyLHlfNDQ4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC81YmYxMmRkYTYyN2YyNWU2NDM3NDU3NzRlZDBjNTFmZi5qcGc.webp?v=1650292592-seppAvZheortbjUUvYFzfBnnAl7PHX1_0eI4vIion9k
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf8922445310152cdc0c9af56376164b6420a5c4395534403bcbda4355a5b7c6

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 16:05:54 GMT
x-mg-request-uuid: 52d780b5-2a9a-4be2-98fe-331e4ff86c8f
age: 28508
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fde2220c8713ac8-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35270
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvOWExN2ZlNmJiNDZiZTRlY...
s-img.mgid.com/g/12068029/680x385/-/ 39 KB
40 KB 1229ms
1077ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12068029/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvOWExN2ZlNmJiNDZiZTRlYTM3ZTU5YjE2ZWE3NDE0ZWIuanBlZw.webp?v=1650292592-FNOSPaLE296VsmQCmhFAupDSiSbXiud7IctumR2zeJM
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde76ea2e8a1c59116b52d63b53d7f2e2295c4b527e56fb650e677d043eaea5a

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 14:22:08 GMT
x-mg-request-uuid: f03c47f1-581b-449c-886b-14e9b427da44
age: 1223080
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fde2220d8803ac8-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40442
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvNmM2YmMzMzc2YWQ3MGEwM...
s-img.mgid.com/g/10881005/680x385/-/ 22 KB
22 KB 222ms
70ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10881005/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvNmM2YmMzMzc2YWQ3MGEwMjg3NGU2NmE1Mzk1ZDM3NWUuanBlZw.webp?v=1650292592-MFBHS5yrIw9EeI7IkCFcg9x_TmgRjJtvuDVieDPB6FA
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6188f07ca3cb9fea057a3539261061961b53028f36379c6d2b172c4b8b7b7964

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 16:26:06 GMT
x-mg-request-uuid: 25fdf6c6-ebc0-40ab-9cba-f124a0363a46
age: 1213060
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fde2220d8823ac8-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22100
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvNDAzNjYxYTc5MWE0MzI1O...
s-img.mgid.com/g/12068030/680x385/-/ 33 KB
34 KB 203ms
51ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12068030/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvNDAzNjYxYTc5MWE0MzI1OWU2ODc0NTZjMTM0NjlhMTcucG5n.webp?v=1650292592-ZOgggabKoqzg6yNGlJKogEtdxmOGyuGImvjWHqGBxHg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 998e0e8b919d31cfe3c7473d978a22aba8ed951e58e10aed90bfe8436d004a9a

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 14:13:37 GMT
x-mg-request-uuid: 422bf6b5-03a7-4ffc-a878-de731036f40e
age: 1134840
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fde2220d8833ac8-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34066
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfNjgwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEwMTkyNC80NWM5ZGU3Z...
s-img.mgid.com/g/12578194/680x385/-/ 1 MB
1 MB 280ms
128ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12578194/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfNjgwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzEwMTkyNC80NWM5ZGU3ZWVlZjEyMWFiY2Y2MmU1OWI3ZTY2YzkxYi5naWY.gif?v=1650292592-tcZbhvJzIqVUUnSrUAn62k9Q8lFj4BRO7wzap7tpnww
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bef3caa7728c4b6dbe1a560930610f4d11c1189d6c7ce891d81bf76de1620fe

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: HIT
x-mg-request-uuid: 8e5141e0-993c-4330-a1be-7bdc8fb44e79
age: 1225681
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1187751
last-modified: Tue, 29 Mar 2022 06:39:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fde2220d8863ac8-CDG
cf-bgj: imgq:100,h2pri

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvMDM5MWUxMDQ5NzJlYWU4M...
s-img.mgid.com/g/10881004/680x385/-/ 8 KB
8 KB 1283ms
1131ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10881004/680x385/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvMDM5MWUxMDQ5NzJlYWU4MWM3YjFlODE3Njg1Nzg3MzUuanBlZw.webp?v=1650292592-qy1x7R83x9A_G_a8RihItx2SHUZbxgeT__UWDTmyxUU
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72fdc8a83149b97ae051d782deed1671f7198e6d4957c8aefef4ba4aa7d94913

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 16:08:10 GMT
x-mg-request-uuid: 0a091b2f-8d0c-43e1-97ef-a75ea9669903
age: 1212979
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6fde2220d8853ac8-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7994
server: cloudflare

GET
H2 200 i.js Show response
cm.mgid.com/ 0
38 B 125ms
114ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1650292592601287116674
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6fde221feea93a4d-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame FFF9 0
102 B 107ms
107ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1650292592616497408252
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 14:36:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6fde221feeaf3a4d-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 haloid Show response
id.halo.ad.gt/api/v1/ 6 KB
3 KB 729ms
162ms Script
text/javascript 35.85.185.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.halo.ad.gt/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&ref=https%3A%2F%2Ft.co%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.85.185.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-185-37.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: c5d5e7f685c3bb91e84b94b6738310b8e2de4056b4668c42131ec64b3f014e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:33 GMT
content-encoding: gzip
origin-trial
server: nginx/1.20.0
content-type: text/javascript; charset=UTF-8

GET
H2 200 251 Show response
p.ad.gt/api/v1/p/ 26 KB
8 KB 736ms
165ms Script
application/javascript 54.68.117.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/251
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&ref=https%3A%2F%2Ft.co%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.68.117.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-117-43.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 9d6d1d907a02a5efc58c3730cf1abb56714427921566cf6a322d9ab77a3239bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:33 GMT
content-encoding: gzip
last-modified: Fri, 15 Apr 2022 13:40:06 GMT
server: nginx/1.18.0
etag: W/"1650030006.0-27076-2710964840"
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=43200
expires: Tue, 19 Apr 2022 02:36:33 GMT

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=d868c425-e7ac-479a-9a12-5d728d7d731d&adnxs_id=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3Dd868c425-e7ac-479a-9a12-5d728d7d731d%26adnxs_id%3D%24UID
https://ids.ad.gt/api/v1/match?id=d868c425-e7ac-479a-9a12-5d728d7d731d&adnxs_id=5838608348932091605

43 B
471 B

789ms
315ms

Image
image/gif

54.148.204.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=d868c425-e7ac-479a-9a12-5d728d7d731d&adnxs_id=5838608348932091605
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Server: 54.148.204.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-204-204.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:33 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Tue, 19 Apr 2022 02:36:33 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 14:36:32 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2a8d9148-c882-4d15-a178-88e7429e7b64
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=d868c425-e7ac-479a-9a12-5d728d7d731d&adnxs_id=5838608348932091605
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=d868c425-e7ac-479a-9a12-5d728d7d731d
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=d868c425-e7ac-479a-9a12-5d728d7d731d
https://ids.ad.gt/api/v1/t_match?tdid=39c07bc9-bc75-436d-83e3-57c24b03d907&id=d868c425-e7ac-479a-9a12-5d728d7d731d

43 B
466 B

747ms
316ms

Image
image/gif

54.148.204.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=39c07bc9-bc75-436d-83e3-57c24b03d907&id=d868c425-e7ac-479a-9a12-5d728d7d731d
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Server: 54.148.204.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-204-204.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:33 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Tue, 19 Apr 2022 02:36:33 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 14:36:32 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=39c07bc9-bc75-436d-83e3-57c24b03d907&id=d868c425-e7ac-479a-9a12-5d728d7d731d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dd868c425-e7ac-479a-9a12-5d728d7d731d
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dd868c425-e7ac-479a-9a12-5d728d7d731d
https://ids.ad.gt/api/v1/pbm_match?pbm=EFFBB907-0137-4D26-9143-4381DDCE2549&id=d868c425-e7ac-479a-9a12-5d728d7d731d

43 B
468 B

168ms
168ms

Image
image/gif

54.148.204.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=EFFBB907-0137-4D26-9143-4381DDCE2549&id=d868c425-e7ac-479a-9a12-5d728d7d731d
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Server: 54.148.204.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-204-204.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:34 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Tue, 19 Apr 2022 02:36:34 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=EFFBB907-0137-4D26-9143-4381DDCE2549&id=d868c425-e7ac-479a-9a12-5d728d7d731d
date: Mon, 18 Apr 2022 12:12:06 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=d868c425-e7ac-479a-9a12-5d728d7d731d
https://ids.ad.gt/api/v1/g_match?id=d868c425-e7ac-479a-9a12-5d728d7d731d&google_gid=CAESEAveh9E2FYbZJdqpuMIbJKU&google_cver=1&google_ula=450542624,0

43 B
469 B

679ms
159ms

Image
image/gif

54.148.204.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=d868c425-e7ac-479a-9a12-5d728d7d731d&google_gid=CAESEAveh9E2FYbZJdqpuMIbJKU&google_cver=1&google_ula=450542624,0
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Server: 54.148.204.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-204-204.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:33 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Tue, 19 Apr 2022 02:36:33 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 14:36:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=d868c425-e7ac-479a-9a12-5d728d7d731d&google_gid=CAESEAveh9E2FYbZJdqpuMIbJKU&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=d868c425-e7ac-479a-9a12-5d728d7d731d
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZDg2OGM0MjUtZTdhYy00NzlhLTlhMTItNWQ3MjhkN2Q3MzFk

170 B
188 B

32ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZDg2OGM0MjUtZTdhYy00NzlhLTlhMTItNWQ3MjhkN2Q3MzFk

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 14:36:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZDg2OGM0MjUtZTdhYy00NzlhLTlhMTItNWQ3MjhkN2Q3MzFk
date: Mon, 18 Apr 2022 14:36:33 GMT
server: nginx/1.20.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H2 200 cm
u.openx.net/w/1.0/ 43 B
305 B 600ms
31ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3Dd868c425-e7ac-479a-9a12-5d728d7d731d%26auid%3Dd868c425-e7ac-479a-9a12-5d728d7d731d
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 14:36:33 GMT
content-encoding: gzip
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

impr_match
ids.ad.gt/api/v1/
Redirect Chain

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3Dd868c425-e7ac-479a-9a12-5d728d7d731d%26impr_uid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3Dd868c425-e7ac-479a-9a12-5d728d7d731d%26impr_uid%3D%7BPUB_USER_ID%7D
https://ids.ad.gt/api/v1/impr_match?id=d868c425-e7ac-479a-9a12-5d728d7d731d&impr_uid=aeac8b8c-5e95-4c3f-9698-ac321ed9b36c

43 B
378 B

251ms
250ms

Image
image/gif

54.148.204.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/impr_match?id=d868c425-e7ac-479a-9a12-5d728d7d731d&impr_uid=aeac8b8c-5e95-4c3f-9698-ac321ed9b36c
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Server: 54.148.204.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-204-204.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:33 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Tue, 19 Apr 2022 02:36:33 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/impr_match?id=d868c425-e7ac-479a-9a12-5d728d7d731d&impr_uid=aeac8b8c-5e95-4c3f-9698-ac321ed9b36c
date: Mon, 18 Apr 2022 14:36:33 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

mediamath_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3Dd868c425-e7ac-479a-9a12-5d728d7d731d
https://ids.ad.gt/api/v1/mediamath_match?user_id=9f4d625d-7772-4f00-bd8a-a3d89590c1a5&id=d868c425-e7ac-479a-9a12-5d728d7d731d

43 B
379 B

159ms
159ms

Image
image/gif

54.148.204.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/mediamath_match?user_id=9f4d625d-7772-4f00-bd8a-a3d89590c1a5&id=d868c425-e7ac-479a-9a12-5d728d7d731d
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Server: 54.148.204.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-204-204.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:34 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Tue, 19 Apr 2022 02:36:34 GMT

Redirect headers

Date: Mon, 18 Apr 2022 14:36:34 GMT
Server: MT3 4335 2c68c00 master ord-pixel-x24 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ids.ad.gt/api/v1/mediamath_match?user_id=9f4d625d-7772-4f00-bd8a-a3d89590c1a5&id=d868c425-e7ac-479a-9a12-5d728d7d731d
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 18 Apr 2022 14:36:33 GMT

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
472 B 426ms
425ms Image
image/gif 54.148.204.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=d868c425-e7ac-479a-9a12-5d728d7d731d&halo_id=02018hqkt607jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.204.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-204-204.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:33 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Tue, 19 Apr 2022 02:36:33 GMT

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
52 B 709ms
167ms Script
text/plain 44.240.45.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=a93fd1fa7ac5c0e4e32ba49169e553c4&url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.45.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-45-112.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:34 GMT
server: nginx/1.20.0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 50ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: MtW9VJng9+BFwvREAXqzEz0JkWJcNAOV7a1L+m5r28rV6oHxTZ4zkrXeQRwxTExWTcIxcRAGqHkFb42DyoHxnw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 18 Apr 2022 14:36:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:04:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 18 Apr 2022 15:04:43 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 13:50:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 18 Apr 2022 14:50:21 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9341 42 B
108 B 571ms
51ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGRnCfMI5L1StbHyKptwMjJB5PUj6Zft0h3ASXH795OzzEBMuzU5SUWQD3GjLAq0ejo2sdXbTymCtYIlKWvNjv7Tlm27aCbN75JB_6NRZ8sBlhFN6_Ig&sai=AMfl-YQ-4Cimj51To3NAaK53LceV2nBw_AsJYETuYQIzydc047PtsqjISPmEGBmx_vCZK8LEpkc_Uk-YiP0H2j-hocF2E6kyIIaAdCybwPj-fHndp0ODUFwLJp0y5X0OGinI&sig=Cg0ArKJSzJafMr9AmPgsEAE&cid=CAASUORoGgNclHRrCaV--hsQwk5Iyp18xoe5RFvt-Rln_TQagh5dWMkspDWAFCqEPItk_bv6s0hsLWmdE2Ms8-sWuRXfIrJIgFRM0xjf3L597o3G&id=ampim&o=315,130&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1011&mtos=0,0,0,1011,1011&tos=0,0,0,1011,0&tfs=472&tls=1483&g=100&h=100&tt=1483&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=1577784758

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 14:36:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7FA1 42 B
497 B 471ms
51ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZvcWjxKWZS-2MiSWcLK49LRP8X7jW1S_5DA7MXvDCTP1nypLI2dSoqxBCf7Br0k2c8uNjm-KAo4ct5K3EBMPXpN4dyMNW3aodrQotT0ExEXPKvFInrw&sai=AMfl-YSGbLhU20QLo2FECDKufw3AJBjEvoAiF-otJNetG7vk1eH6DhoL0cJretzjCMv38N56qNwyiiAlPKYWPpYIDZPqIqBhAszQYgyKteHvu-EWWLGgiIxGryBoDXqgCNDI&sig=Cg0ArKJSzOP19xxhzx1hEAE&cid=CAASUORoH1LX8ukFI5Flepuj4_K__zKHSYAWV_7PRHGlngTGX7jYfDrFWTDZcMm2gdxyI0aL9NQqWhBXJRgHdhtlaG0ktBE4aJ9fTQfJ_pASQZ97&id=ampim&o=1083,577&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1019&mtos=0,0,1019,1019,1019&tos=0,0,1019,0,0&tfs=464&tls=1483&g=100&h=100&tt=1483&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3836433192

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 14:36:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
reporting.powerad.ai/ 2 B
271 B 94ms
94ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.techtimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 18 Apr 2022 14:36:33 GMT
server: nginx/1.14.0 (Ubuntu)
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H3 200 1853083501571805 Show response
connect.facebook.net/signals/config/ 308 KB
88 KB 17ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

834902c653ef2a094f4505f86727b7d767a6a86337aa26b87d84592def61d82e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 90223
x-xss-protection: 0
pragma: public
x-fb-debug: knaZI3Kv22LyT+yqdBCH98aRdsB70g/atMvKKiOkY7ut50Hpoi8oEdZyE/7Es7UHOErdiRhDBaekRw6E/2UM8g==
x-frame-options: DENY
date: Mon, 18 Apr 2022 14:36:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 29ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F274335%2F20220415%2Fconti-ransomware-group-attacks-wind-turbine-company-nordex.htm&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1650292594149&cd[partner_id]=251&cd[tagger_id]=a93fd1fa7ac5c0e4e32ba49169e553c4&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650292594148.720410709&it=1650292594073&coo=false&tm=1&rqm=GET

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 18 Apr 2022 14:36:34 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame CF75 0
18 B 17ms
8ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/274335/20220415/conti-ransomware-group-attacks-wind-turbine-company-nordex.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.techtimes.com
Referer: https://www.techtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.techtimes.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 14:36:34 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 35ms
21ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c69aa63057773afd9944c867a13f9f074c6d7e70acab7faec2d5e9f89761ab5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 14:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10480
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Apr 2022 14:36:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9C8D 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 13:48:12 GMT
expires: Tue, 18 Apr 2023 13:48:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FB90 783 B
536 B 26ms
25ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9f865e95d54615c92347927406b7967ab12c372dd2377cd9ef4256b3ce84aded

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Wh3TF17zz1LNd+kyUZNRTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Wh3TF17zz1LNd+kyUZNRTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 14:36:36 GMT
expires: Mon, 18 Apr 2022 14:36:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C8D 35 KB
13 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 10:50:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13566
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Apr 2023 10:50:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FB90 0
0 105ms
105ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041201&jk=2126749961817601&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9C8D 0
9 B 9ms
9ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?H-7KQw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:36:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041201&jk=2126749961817601&bg=!oKOlo-fNAAZvJBiFTyQ7ACkAdvg8WkRoiK7iSSLGe3mZETYl3z77Ugvmrbg93-qSeR00X00NZStc5wIAAABRUgAAAAVoAQcKAC3xhnEsfzWNxw1FW8rbYrLmzksFP_v6cQFWMMUxaQ1PFsiGilqTZNd4PrH8ddSZAqsuhYSuebL0KUcu2srGTT54oBMa0OuC_nGclsfteogQPguNfa4ETnOWlcm3DpR8PHzpkAmVLktnN0bM09ODQsGOd33Iut15w_4BipVAbDXuMuiQMjRaSeiuUustmyH3x3euedNWoCkrTQ8ZupkxtLHiwG4epa5CgFABe_S6jbGzdOf4YiungM0FC6YnqrSSQYnYN_LTOcl_7m3xhc3weuFzM5WB8Pvcu2ssHYtMW2z49pI_XX9U2YJRQ9osUNEuxp_gehkZq5i-3ptkm-braJMMFmlt1reYEo3yJ9ajrksin30F18tlZ8bUiazuZBkz8s71fx2JzhwwQHI7bD1EwnexeoN227ourO9plwOqs7pJRlCkPZzXh8yw_ssPr7a55FJay0lFEGc2_d5MYBtdv24CDiwV0VbfjRUsRY4PDiusoBz1RsTReBFkQXgGRX3H6s_XpmtXkKQ6ulOvnf-YhaLgDGZgv007sPqAl4kzAwFvS3QdVbJLq5pPLQzp5Am1kSOqIB0Zg_BpWcq3pbwHZ3jAYWqjW6UBAzOdtLi03_KRMURQjSFIbDnOyKXSi5DxUVNTYUG_JRmoZkL9MPgun_eqAMPKhU7u0hLQ18qf8vQh2rtloRpVujz2fFMWKGFj1To0WOUeioAN7Vd_SPmC-8GGHZBFJxEbL0T0UrwD3lu3HeY2fDrunC8M3sioRUCI0QLZNFS8TLwClvkV5d2_3tJBCUAaFLm4La6WzUWuC9rnYBUe8vpMFgtqMVv7bkAxG5DNr_fzqTXiaZQC04gCSoBvphlPXOYs1AqMEBdcF4JA0vPGCuDbUaDSuHIYY2jHh7jOdR6i-ZzUmntqlPKKSaMfgFB65BYZhEOLMaOiFs8vBlCHoNuU4rpr9IisPnDQUCcwidAJWB_slLLa_Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-20 11:55:06	Name: muc Value: e99cb5f7-4dc2-4088-8425-0b1a00719cd7
.scorecardresearch.com/	1970-01-20 19:41:40	Name: UID Value: 14Ef7767425640758e0953a1650292591
.mgid.com/	1970-01-20 02:24:54	Name: __cf_bm Value: SxI4rTblK2RZILp_Wj4BnQ9V9OHS99it6vwTbcG61uE-1650292591-0-AYyVIL4EWXhAr4k1WTqaGjwptUNTKpFwjk8/VHRJFMFa/nxo+Nb3u2JQH//FZoj9nuh+cVgMqHNoJLEl/BaBEhE=
.techtimes.com/	1970-01-20 03:08:04	Name: 0671504c615efb6e7d264fa5c254d4de Value: MmEyZjNiYzEyMTU2YmIyZDJkZTUyZmFhNzJjODhkM2U%3D
.techtimes.com/	1970-01-20 02:24:53	Name: 593cfd5347cffb5d616d336b7eaec52d Value: MQ%3D%3D
.quantserve.com/	1970-01-20 11:55:06	Name: mc Value: 625d776f-948b0-7c1d9-8d668
.techtimes.com/	1970-01-20 11:49:21	Name: __qca Value: P0-1823958545-1650292591591
.techtimes.com/	1970-01-20 11:10:28	Name: _jsuid Value: 517498985
.techtimes.com/	1970-01-20 02:24:53	Name: _first_pageview Value: 1
.techtimes.com/	1970-01-20 03:08:04	Name: _referrer_og Value: https%3A%2F%2Ft.co%2F
.techtimes.com/	1970-01-20 19:56:04	Name: _ga Value: GA1.2.1056736256.1650292592
.techtimes.com/	1970-01-20 02:26:18	Name: _gid Value: GA1.2.616284209.1650292592
.techtimes.com/	1970-01-20 02:24:52	Name: _gat_gtag_UA_41574041_1 Value: 1
.techtimes.com/	1970-01-20 11:46:28	Name: __gads Value: ID=8019b57803e91c74-22eced017acd0048:T=1650292591:S=ALNI_MZ3sXyEfvUwme3zBuc33Ut_7AhTmA
.doubleclick.net/	1970-01-20 11:46:28	Name: IDE Value: AHWqTUkhSscPbK4nyCDpEOVKLOI0Gwi-mYLMvUwjXAVlejUSwMvFYcHhFtjGNRqfi4U
powerad.ai/	1969-12-31 23:59:59	Name: 9645dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12331dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12593dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12594dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12595dcr-g Value: 1
.techtimes.com/	1970-01-20 02:24:52	Name: _gat_gtag_UA_167135943_23 Value: 1
www.techtimes.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22g2HanVXsA%22%7D%2C%22C1119383%22%3A%7B%22page%22%3A1%2C%22time%22%3A1650292592548%7D%7D
.doubleclick.net/	1970-01-20 02:24:56	Name: DSID Value: NO_DATA
.ad.gt/	1970-01-20 19:56:04	Name: au_id Value: d868c425-e7ac-479a-9a12-5d728d7d731d
.ad.gt/	1970-01-20 02:26:18	Name: au_idmatch Value: eyJhcG4iOiAxNjUwMjkyNTkyNjY1LCAidHRkIjogMTY1MDI5MjU5MjY2NSwgInB1YiI6IDE2NTAyOTI1OTI2NjUsICJhZHgiOiAxNjUwMjkyNTkyNjY1LCAiaGFsbyI6IDE2NTAyOTI1OTI2NjUsICJnb28iOiAxNjUwMjkyNTkyNjY1LCAib3BlbngiOiAxNjUwMjkyNTkyNjY1LCAiaW1wciI6IDE2NTAyOTI1OTI2NjUsICJtZWRpYW1hdGgiOiAxNjUwMjkyNTkyNjY1fQ==
.adnxs.com/	1970-01-20 04:34:28	Name: uuid2 Value: 5838608348932091605
.adsrvr.org/	1970-01-20 11:10:28	Name: TDID Value: 39c07bc9-bc75-436d-83e3-57c24b03d907
.adsrvr.org/	1970-01-20 11:10:28	Name: TDCPM Value: CAEYBSABKAIyCwiOipiK8tTQOhAFOAE.
.360yield.com/	1970-01-20 04:34:28	Name: tuuid Value: aeac8b8c-5e95-4c3f-9698-ac321ed9b36c
.360yield.com/	1970-01-20 04:34:28	Name: tuuid_lu Value: 1650292593
.ad.gt/	1970-01-20 19:56:04	Name: last_seenadx Value: 1650292593409
.ad.gt/	1970-01-20 19:56:04	Name: first_seenadx Value: 1650292593409
.ad.gt/	1970-01-20 19:56:04	Name: last_seeng_hosted Value: 1650292593409
.ad.gt/	1970-01-20 19:56:04	Name: g_hosted Value:
.ad.gt/	1970-01-20 19:56:04	Name: last_seenadnxs Value: 1650292593409
.ad.gt/	1970-01-20 19:56:04	Name: first_seenadnxs Value: 1650292593409
.ad.gt/	1970-01-20 19:56:04	Name: last_seentd Value: 1650292593410
.ad.gt/	1970-01-20 19:56:04	Name: first_seentd Value: 1650292593410
.ad.gt/	1970-01-20 19:56:04	Name: last_seenimprove Value: 1650292593474
.pubmatic.com/	1970-01-20 04:34:28	Name: KTPCACOOKIE Value: true
.pubmatic.com/	1970-01-20 04:34:28	Name: KADUSERCOOKIE Value: EFFBB907-0137-4D26-9143-4381DDCE2549
.ad.gt/	1970-01-20 19:56:04	Name: last_seenhaloid Value: 1650292593603
.ad.gt/	1970-01-20 19:56:04	Name: first_seenhaloid Value: 1650292593603
.ad.gt/	1970-01-20 19:56:04	Name: last_seenpbm Value: 1650292594029
.ad.gt/	1970-01-20 19:56:04	Name: first_seenpbm Value: 1650292594029
.techtimes.com/	1970-01-20 04:34:28	Name: _fbp Value: fb.1.1650292594148.720410709
.mathtag.com/	1970-01-20 11:50:47	Name: uuid Value: 9f4d625d-7772-4f00-bd8a-a3d89590c1a5
.facebook.com/	1970-01-20 04:34:28	Name: fr Value: 0RiepXkwXPxleO6Cg..BiXXdy...1.0.BiXXdy.
.ad.gt/	1970-01-20 19:56:04	Name: last_seenmediamath Value: 1650292594256

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1111210941.rsc.cdn77.org
1734811051.rsc.cdn77.org
6b4c166c81dc766c5081c583070100d4.safeframe.googlesyndication.com
a.ad.gt
ad.360yield.com
ads.anura.io
ads.pubmatic.com
adservice.google.com
adservice.google.de
c.amazon-adsystem.com
c.mgid.com
cdn.ampproject.org
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.mgid.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hb.brainlyads.com
id.halo.ad.gt
ids.ad.gt
image2.pubmatic.com
in.getclicky.com
jsc.mgid.com
match.adsrvr.org
p.ad.gt
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.zprk.io
pixels.ad.gt
powerad.ai
reporting.powerad.ai
rules.quantcount.com
s-img.mgid.com
sb.scorecardresearch.com
script.anura.io
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
servicer.mgid.com
stackpath.bootstrapcdn.com
stat.techtimes.com
static.getclicky.com
stats.g.doubleclick.net
sync.mathtag.com
t.co
tpc.googlesyndication.com
u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.techtimes.com
104.19.132.78
104.19.136.78
104.244.42.197
104.36.113.107
142.250.185.194
142.250.186.98
143.204.95.188
143.204.98.109
143.204.98.87
15.197.193.217
18.135.170.242
18.136.115.17
18.211.226.152
185.33.221.13
198.145.13.13
2.20.157.2
2001:4de0:ac18::1:a:2a
216.200.232.253
23.20.158.212
2600:9000:2156:9c00:6:44e3:f8c0:93a1
2606:4700::6810:a010
2606:4700::6811:190e
2606:4700::6812:acf
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9d
2a02:6ea0:c700::10
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.111.216.4
34.246.109.130
34.98.64.218
35.190.31.133
35.85.185.37
44.240.45.112
54.148.204.204
54.234.151.247
54.68.117.43
54.71.105.247
0331b1bdc2a7a3b68aebae09c2aea659b209e6f045aa07cb5980eb70ccf1d51b
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
062ecbd849f34c394b50bb3e79020cb66a2092122114ffb6188535f0ba8952a3
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
08895426c0d9a9330b4b4988d244fb0f964082f78b8a929db01792481c508e49
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0a815cc128e3412d2fcf3fa0a93a9c4bc0cfa7c4fcd7db39bb28b53732011029
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
136ef2eacfd51b14c2100cfd47e56897880900082f4de6083a84d32630b3414f
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
19eee3da5d563e591962bef3ca132caf6ef1fd0a96ffc5412d291f02ad94938f
1ba72bbecea40fb39b1407b46add5eaa6674ad97e44426b2ac4b73025338b75e
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
21471df21aa9139cd02a28824b81e1eeab2735b14e35a3aeaae7f1a976a2057d
2204ecc1fc6846c6ec12a8b88427cd1b9b47955c11fb34ed27dd731655a7ff6f
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3c69aa63057773afd9944c867a13f9f074c6d7e70acab7faec2d5e9f89761ab5
3f8749814f274cfc18099a4d3c55d6a119b3067f4c34edebafc74e36005550fb
4295a34f0395dfae8f8c9e24f12de869d9f7cadd1853f4888c09fba2cce1ca8d
4994ee56e5bc27636d5757b2f566a11a4e293ae290b78426175a5c556a3257f4
4d6c0441395a79f993612963489cf57d905fd2e938df3847cb5aa4595ac8e75b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
549112bc130160ae62719497e057e28f50879c18d927de9b411255a20270ba0d
55937ee52d6d7e8746015398bf3a77e7a3d0c62c622766b9707402368d3181bc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564909ae57a774bce3a438e2df0cbe3f8794d33acf6715625e87cb06bfa31908
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b20151a1f3855739a388f05074c181072566416c06693a7d8c8fddacbd157f9
5bef3caa7728c4b6dbe1a560930610f4d11c1189d6c7ce891d81bf76de1620fe
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6188f07ca3cb9fea057a3539261061961b53028f36379c6d2b172c4b8b7b7964
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6269ba7af84361388f3b6e85d9f0b5d89fbee738f358260665d99c00bbcc0a17
645ee12061794b2ae46fb95c147afb5ef99fd88a9d2f1d871fa48a4be86b0792
66ea91a01b97feca3757a3ff16e3782973b559b2d4cbe79f7704e91607f9aa47
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6837ee5bbfe3f66ce807e7273d8c022f1e3e64cae80fb2172b1a28ec2758086c
6949cfebe4764b7ccc671e10c550b3c7e0c58a139444513d6d8afe4a92fbe92c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d35330fc69576358ebe546213c8e70b44fe1309e82f23b2a7955094ae2e9a24
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
72fdc8a83149b97ae051d782deed1671f7198e6d4957c8aefef4ba4aa7d94913
73f0080cc62e2488c6bbed08b50301eed10b545cb426b48960e6284b45e68896
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77f44daa71b6da27e1e1a96cf63431d35e916f752b1b5bae6fca55e7190b2970
7852ee64c59c579042dca0b1136eae6d5f044e5e6c17323d9a091d23e51294b6
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7c4de0eb600d35e53daf51677ae15c1fe01c48f0c5a1ee98c14d8de41e42e479
7e36542940f576f91f4b9755e161e80189894ae362c0c426df3b3bc000b65c05
7e3f34e858774d3150691657e4739907593a5d82929371fbc37034bbecbc63e6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80817762a9d076e635e1eab0707b5a9d2c660dd6aeb0fa96f175afaed56f062e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834902c653ef2a094f4505f86727b7d767a6a86337aa26b87d84592def61d82e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
890455fc1365d4ebfefe979ec4ac3ec08c43505d348358361164714cb390b8b6
898e41fe0925e206f450a122f6cfae749346a81f1bf492bc6ad15e47b5fdf90b
89afba0508f20aa2bcb817c8d62411280d04e4230d4f51d92db74e0f509760b7
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
9017d6131bbe73a5233e0e86395b5ca524575c599daaf1983ed006d0d31809b4
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
930e2991750b597d4b9f7edcb76696ff69be64c08a305dac443d0813956ffbd6
933fef7833027f0987904ee28c6e8f4cc94a72ecb28f94657316253c8102fe23
9751f0e58ee1b5a83930fa22bf3b4562a3dd3d0424d2adb17423cc38d5cb847f
998e0e8b919d31cfe3c7473d978a22aba8ed951e58e10aed90bfe8436d004a9a
99a5efd3d1c088c308da63f299791db08c40cf8e1da421f30399ce8a9bed36ab
9d6d1d907a02a5efc58c3730cf1abb56714427921566cf6a322d9ab77a3239bb
9f865e95d54615c92347927406b7967ab12c372dd2377cd9ef4256b3ce84aded
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f88d08546b3a1e39133cc702ff76e9f713a38563c825a824e612fb2154c316
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a969f23d2a86a8fbe27e34999a42c0aae9d7b7c46f33113e040cf123077c5a8b
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b11e900264ac2a22d330f85e58c35c9a5aec2e4c31cea86a09ffdac47a3ecf07
b2cf31ca947be6dd3ff318d66b2a6eb397f2311490ea939ed9a663c7d5e729a4
b37528b8edfca9b4c56e243195e0f48b6a83878d30dca3c4eb67e530ad3b4428
b5364b83d886651bdb957ae2b6b559d339912896238e08f5b4cca1d941c403e4
b8540a450365640543a3511a5059db2cf6467e32e300a5b0882dc2958fd549ab
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bf45a7baa72be7417cc074173e88f566b7b9759e07f1dc502f71c0d7b186a638
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5d5e7f685c3bb91e84b94b6738310b8e2de4056b4668c42131ec64b3f014e40
c93b5f9c2d83611b9a9ba0333b0b499b385cdce2aee9edaac6daf8a134cf5555
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb561cd233f45d1673411866767ddb162ee40503bc71195ef8f186ec41f97fa6
ce6b19936178028f2ee1c36e25a766fed720c9c8711183b1733455f93b3d2b55
cf8922445310152cdc0c9af56376164b6420a5c4395534403bcbda4355a5b7c6
d335cce79efdc8b59287b72e33cc52d6002da1d3d49201233bddecae402cbafd
d41678a7cf1b53173fe95f15735b5163c678e84455ae595bf8b68e114d60aebe
d6447b819f1671061eaef6eb9a388b162c8714aed75720e7e4a579f738e30cb6
dde76ea2e8a1c59116b52d63b53d7f2e2295c4b527e56fb650e677d043eaea5a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b8b516725604d41a81c6a759bfc24b93daba139d712e6ad35e2ba4a8185e7d
e48ea5b8bc65206eac26eed1807d9573f44bbf14f853cff99a2d1b2928952bad
e992885dab71202942febe0f8b83cee04c5c927bb81945eed17d4e36f0cf42d8
eaa1d2a49cd9fb20ef40d866d1deecabee82db7146e40de17753c145bd557ea3
ec928563715656ae5bdf56bcc7215a4d1723c52158709bc2cc36e02af142d089
ee47bfb6903b6360309f6ef74fba22799ead87bb8a72cbc317dcd4b3fdf75fbc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef89d02c630618782c192f51f7a2e05648009e950f6417ad26da708edef62645
f1f8e52f3acb8c8ab4998465bbe11b70f7384ecd29c8f6450c9228a6ca2d0a65
f2a15a5997b69b2d31b338ab039e409cc83421594f75ee454e7ef60ea6732c02
f448860b7cb1a5a1937290f5660ece771bb2dd88ab5192108856184af7b4c200
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fbcc0b1e2e737dd48997a140ae6e034d6e1479652e0b2eac58df1344bacd2e1a
fbf61190d1dead1c640200707864416b7c7a73fffd52061f62909740490c5561
fc21700b0b409748bd305ca9c4ee3ef3069bc1c50a286de7411bbf14b3294a83
ff1f3fa12eef47fe065fa8cc8d7b6f313682db4f3b09bb32fd71561e93435d41

www.techtimes.com Open in urlscan Pro 34.111.216.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

158 Requests

94 %HTTPS

45 %IPv6

35 Domains

58 Subdomains

47 IPs

9 Countries

3855 kBTransfer

7073 kBSize

49 Cookies

28 Outgoing links

Page URL History

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.techtimes.com Open in urlscan Pro
34.111.216.4 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

94 %
HTTPS

45 %
IPv6

35
Domains

58
Subdomains

47
IPs

9
Countries

3855 kB
Transfer

7073 kB
Size

49
Cookies

158 HTTP transactions
2 data transactions