channel969.com Open in urlscan Pro
95.217.85.252 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-government-computers/
Effective URL:
https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Submission: On April 16 via api (April 16th 2022, 5:10:46 am UTC) from GB — Scanned from GB

Summary HTTP 207 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 37 IPs in 7 countries across 31 domains to perform 207 HTTP transactions. The main IP is 95.217.85.252, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is channel969.com.
TLS certificate: Issued by R3 on March 15th 2022. Valid for: 3 months.

This is the only time channel969.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	95.217.85.252 95.217.85.252	24940 (HETZNER-AS) (HETZNER-AS)
7	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
42	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223e:b000:1b:5a63:840:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
11	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2 2	104.89.42.102 104.89.42.102	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4	2a00:1288:110... 2a00:1288:110:c104::a000	34010 (YAHOO-IRD) (YAHOO-IRD)
2	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700:20:... 2606:4700:20::ac43:4615	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.65.69 151.101.65.69	54113 (FASTLY) (FASTLY)
2	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700:310... 2606:4700:3108::ac42:288a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:4c:... 2a04:4e42:4c::666	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::681a:d89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:fa87:fff... 2a04:fa87:fffd::c000:42d0	2635 (AUTOMATTIC) (AUTOMATTIC)
207	37

21 95.217.85.252 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.252.85.217.95.clients.your-server.de

channel969.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:b000:1b:5a63:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

d1rytvr7gmk1sx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.42.102 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-102.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:110:c104::a000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

techcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

venturebeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4615 (United States)

ASN13335 (CLOUDFLARENET, US)

thehackernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.69 (United States)

ASN54113 (FASTLY, US)

cdn.sstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

m-cdn.phonearena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:288a (United States)

ASN13335 (CLOUDFLARENET, US)

www.nanowerk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:4c::666 (United States)

ASN54113 (FASTLY, US)

www.cnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:d89 (United States)

ASN13335 (CLOUDFLARENET, US)

telecomtalk.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:fa87:fffd::c000:42d0 (Ireland)

ASN2635 (AUTOMATTIC, US)

www.macworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 128	494 KB
41	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com	826 KB
23	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	220 KB
21	channel969.com 1 redirects channel969.com	468 KB
15	criteo.net static.criteo.net — Cisco Umbrella Rank: 632 pix.eu.criteo.net — Cisco Umbrella Rank: 7400 csm.eu.criteo.net — Cisco Umbrella Rank: 7420	128 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	253 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	5 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	2 KB
4	techcrunch.com techcrunch.com — Cisco Umbrella Rank: 35325	256 KB
3	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13058 ads.eu.criteo.com — Cisco Umbrella Rank: 7422 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9555	50 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	macworld.com www.macworld.com — Cisco Umbrella Rank: 134479	20 KB
2	telecomtalk.info telecomtalk.info — Cisco Umbrella Rank: 800761
2	cnet.com www.cnet.com — Cisco Umbrella Rank: 16690	110 KB
2	nanowerk.com www.nanowerk.com — Cisco Umbrella Rank: 907746
2	phonearena.com m-cdn.phonearena.com — Cisco Umbrella Rank: 203682	307 KB
2	sstatic.net cdn.sstatic.net — Cisco Umbrella Rank: 9597	13 KB
2	thehackernews.com thehackernews.com — Cisco Umbrella Rank: 210086	80 KB
2	venturebeat.com venturebeat.com — Cisco Umbrella Rank: 81783	428 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 622	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1696	1 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4830	914 B
2	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1661	4 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	96 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 350	460 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1537	351 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1127	463 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 238	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 794	645 B
1	cloudfront.net d1rytvr7gmk1sx.cloudfront.net	47 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
207	31

	Domain	Requested by
31	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
21	pagead2.googlesyndication.com	channel969.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
21	channel969.com	1 redirects channel969.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net channel969.com
10	www.gstatic.com	googleads.g.doubleclick.net
9	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
8	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
7	pix.eu.criteo.net	ads.eu.criteo.com
7	static.criteo.net	ads.eu.criteo.com
7	www.googletagservices.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	channel969.com googleads.g.doubleclick.net cdnjs.cloudflare.com
4	techcrunch.com
4	cm.g.doubleclick.net	channel969.com googleads.g.doubleclick.net
4	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.macworld.com
2	telecomtalk.info
2	www.cnet.com
2	www.nanowerk.com
2	m-cdn.phonearena.com
2	cdn.sstatic.net
2	thehackernews.com
2	venturebeat.com
2	image6.pubmatic.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	secure.gravatar.com	channel969.com
2	www.googletagmanager.com	channel969.com www.googletagmanager.com
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	d1rytvr7gmk1sx.cloudfront.net	channel969.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
207	43

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
pinterest.com
api.whatsapp.com
www.linkedin.com
d1rytvr7gmk1sx.cloudfront.net
news.sophos.com
www.techrepublic.com
www.sophos.com
u7061146.ct.sendgrid.net
rateyourmix.com
socialskates.com
uhamka.ac.id
telegra.ph
seo4you2.com
mpo4d-terbaru34567.canariblogs.com
www.desingshop.us
forums.bestbuy.com
www.casinositehot.com
www.casinositetop.com
www.baccaratsite.info
www.casinosite.one
www.casinosite.zone
3658wz.com
lms.ilearnafrica.net
www.empowher.com
saveyoursite.date
goqna.com
www.niubids.com
www.venderporinternet.org
pascal.msxall.com
bookmark.yakidel.xyz

Subject Issuer	Validity	Valid
channel969.com R3	`2022-03-15` - `2022-06-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
www.intheknow.com DigiCert SHA2 High Assurance Server CA	`2022-02-10` - `2022-08-03`	6 months	crt.sh
venturebeat.com R3	`2022-03-13` - `2022-06-11`	3 months	crt.sh
thehackernews.com Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.stackexchange.com R3	`2022-04-06` - `2022-07-05`	3 months	crt.sh
*.phonearena.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-06` - `2022-11-06`	a year	crt.sh
*.cnet.com R3	`2022-03-01` - `2022-05-30`	3 months	crt.sh
macworld.com R3	`2022-03-24` - `2022-06-22`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Frame ID: 1B97A0A4B29A6D2CAFB4545D2BA833BF
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html
Frame ID: 387489F1B1AF4F06191E06AC194E4115
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&adk=1812271804&adf=3025194257&lmt=1650078408&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839231&bpp=3&bdt=618&idt=221&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4990468565634&frm=20&pv=2&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248
Frame ID: 52FF1040329F86CD820F2C00EE5475D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=3155655992&adf=1297805642&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839234&bpp=3&bdt=621&idt=251&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A8kyYZXHoa&p=https%3A//channel969.com&dtd=258
Frame ID: DBBA986009B6EEE51D44D9E66DB38F0B
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1626895161&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839237&bpp=1&bdt=623&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hBYKUl2Un8&p=https%3A//channel969.com&dtd=289
Frame ID: 4A39204DDD083D6F589B8E4190018A3D
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1843087828&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839238&bpp=1&bdt=625&idt=290&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2759&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3OQ1mBlxFZ&p=https%3A//channel969.com&dtd=294
Frame ID: 47FC8DE994BD39BFCCB5865F68362AAA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300
Frame ID: 590D5711E31CF4A567896E98EEB421B6
Requests: 20 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlpPzwAI1v4KcarjAAXTLCdFowj5k9H35kHCdA&u=%7CKHXYL1UObEjA9sTptOIfsQbnWmfMkQi8JBYWD8Ge7LI%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiDWOdbckAfiVYI8AZzv_qXs69smOeLK2AEXVyc_h8p5eI-8US0cfqU8TyjEvbuRwNUUdweYU1v7-UMM4luA3OOXbK8j8k05ZMwB4xuT6VeVmR9jLrC3mKrkRNNPXkfWbpC5WoSEG2LL03Zk-xrzVW9NdZES3NPaAOsWcGPXNcb1PVz7E5LyuS7t4xDK8ZI1IPSPCdt9Fi8e2x_e6rqBLMdk8rYewhBh6BS5fntzcuKwni7s1zJ0YS-8dcOY7m2E0QUfFNbWSQFRsJDaUz0qfp_mMRcNYH-pxm_incR4NE5rRVRkDRzbFTnI2ryaX4gAokNiUE6VTLxho3MGR7ix5JIsiKUlvD5BUwwFL02HmnY-Cxpsb6KjCOB1SKelQ4C4afZkVH06kqv5wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkfVkz09aYv6tI-PVxgOsppfwC-SP0rFc55HiiIgBwI23ARABIABguwaCARdjYS1wdWItMjkwNDQxMjM1OTg3NzI5M6ABvdSI6wPIAQmpAibls-2R6bU-qAMBqgSSAk_QTUwIXpCv24eVSA2XWElDVJgY6JkahDuRigpq16kArjawrMlqYYhjzzm5j_cSdbG3nQ3I_9NrPzg95u72rCwxrtYG7i5zhD8bFwF_Tp25W1KoE3JR3s4zyJuf5bCDNMApGAOnE2LcFzrIMIJWjPEai78Xi9Wt5i3mWunkhFCrRqFAjJpD0Q0pJ9Dmwrg4Ew9QtALifgSv9xM9WaWN7nDvKWnEg3ih672eoq_7vqmXoXnr6huOqyXvyd-8zAnnHs2LkeNG3YAUjVZhCczLWIXyC1xUbmosbn35cwqhlsB997TX1jkkAvyYnc-JSWjD2NJlsg_KQ_3S1AgEr7ZEMyyvVx9Zocm3sk6ZK_v5p7y1lQCABvnDtM38ounhwgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2RBxmt76AyS7wFiVfIddap7pXGZg%26client%3Dca-pub-2904412359877293%26adurl%3D
Frame ID: 66084409E42E85A288ED9DF8FB452A80
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=250&adk=808100125&adf=2120853193&pi=t.aa~a.1657493707~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1650078408&rafmt=1&to=qs&pwprc=1883578286&psa=0&format=324x250&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085840214&bpp=1&bdt=1601&idt=1&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e29d7385b10080a-221d609177cd001c%3AT%3D1650085839%3ART%3D1650085839%3AS%3DALNI_MboVmrAygBzne02uZcdaVqwaNGNug&prev_fmts=0x0%2C696x174%2C696x174%2C696x174%2C696x174&nras=2&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=i9Yq7YnklS&p=https%3A//channel969.com&dtd=18
Frame ID: 3823A45D14929CA86DF23374882486CC
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6A95E741FCE276787C5CD3DE17319CD4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1
Frame ID: 053DF371C33C8F9F7696E40CB062DB4E
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: 72F98F64FC4D9418191A8708F5A7D33D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: 4A325EF822924474D2E99306A1610BA4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: 8ACDEE77751B050CBDA29C32BF854601
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C6F3D9DA15A7182819C50971F74D0571
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7CA3B563E3B1434B37C14441DD527792
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: 658045991F92E5869986C4DDBB314427
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 86A70B1AB8652F12A1536285AFD173CD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1C5C6B14EEBE62D69F3510B1BE7460D7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: B1FB7E7DF7CCAA1830FBEE2DD35A0DB1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: 891B506BD5E85FA46A9B3B2621B3F7FE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5DC6EB65364FBBD31CC09237242CDC9B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E9DC745885AE1A7C9F045C662A0923B6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Attackers unleash LockBit ransomware on US authorities computer systems - Channel969

Page URL History Show full URLs

https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-government-computers/ HTTP 301
https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

207
Requests

98 %
HTTPS

67 %
IPv6

31
Domains

43
Subdomains

37
IPs

7
Countries

3832 kB
Transfer

6974 kB
Size

24
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/969Channel

Search URL Search Domain Scan URL

URL: https://twitter.com/channel969

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Attackers+unleash+LockBit+ransomware+on+US+authorities+computer+systems&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&via=channel969
Title: Twitter

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/&media=https://d1rytvr7gmk1sx.cloudfront.net/wp-content/uploads/2017/06/istock-614154000.jpg?x57335&description=Attackers+unleash+LockBit+ransomware+on+US+authorities+computer+systems
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Attackers+unleash+LockBit+ransomware+on+US+authorities+computer+systems%20%0A%0A%20https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/&title=Attackers+unleash+LockBit+ransomware+on+US+authorities+computer+systems
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://d1rytvr7gmk1sx.cloudfront.net/wp-content/uploads/2017/06/istock-614154000.jpg?x57335

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2022/04/12/attackers-linger-on-government-agency-computers-before-deploying-lockbit-ransomware/
Title: New findings

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/lockbit-beats-revil-and-ryuk-in-splunks-ransomware-encryption-speed-test/
Title: LockBit

Search URL Search Domain Scan URL

URL: https://www.sophos.com/en-us
Title: Sophos

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/downloads/mobile-device-security-policy/
Title: Cellular machine safety coverage

Search URL Search Domain Scan URL

URL: https://u7061146.ct.sendgrid.net/ls/click?upn=4tNED-2FM8iDZJQyQ53jATUc1h7F6EeKyqQHDAzxY6FeBG4AZ1lNaZ-2Fme9HKLAKT7PlFlx_jrUqf5zwH7FzSx1F7hMR74ZKHVZE1YAdQOIVdlk-2FOmj-2Ff0hGlupiJ3IFhHlRqc2VKaxRk8x0VEsauoIunBGL0Z2qZNavXxiL9rsellJq7ucX1KiC5ZcB9eWpsRSB6VqwFACW9-2BI1ZX0TUHY6oRgE8orAZf6bxzaFcmMgTbWt4CAEYIR8lsuxSoVfHAe92w4i37BC5s9-2B5iBW9B99yRJwDl9ZV6VNxW4GhWNXTjnzTSBUOxpkoO0LfT3mfRLzTa8PSwTP70-2BkmZnDOMhgQywVIx-2FVdQpsXePTLhG5qX1ZavL7O9OkMwA-2FZ6piyfTHeu8sZT3D9vZpO-2FXkRMLL6yvAGiKJztd0Lb7ABkCIoXwG8cvkoqG33yvEwTp1dwirUaLw
Title: Cerberus Sentinel

Search URL Search Domain Scan URL

URL: http://rateyourmix.com/members/f8cuzkt540/
Title: mehr Informationen bekommen

Search URL Search Domain Scan URL

URL: https://socialskates.com/story11356624/how-can-it-be-that-we-create-a-price-array
Title: sigue esta información

Search URL Search Domain Scan URL

URL: https://uhamka.ac.id/
Title: Ridwan M

Search URL Search Domain Scan URL

URL: https://telegra.ph/Getting-Greatest-Mobile-Advertising-and-marketing-Influence-With-Minimum-Hard-work-03-03
Title: basahin ang karagdagang impormasyon

Search URL Search Domain Scan URL

URL: https://seo4you2.com/money-robot-review/
Title: Best seo software

Search URL Search Domain Scan URL

URL: http://mpo4d-terbaru34567.canariblogs.com/what-you-should-know-about-enterprise-control-24389641
Title: इसे मुफ्त में पढ़ें

Search URL Search Domain Scan URL

URL: https://www.desingshop.us/search/label/Shirt
Title: Shirt

Search URL Search Domain Scan URL

URL: https://forums.bestbuy.com/t5/user/viewprofilepage/user-id/2447537
Title: ਮੈਨੂੰ ਔਨਲਾਈਨ ਗੂਗਲ ਕਰ ਰਿਹਾ ਹੈ

Search URL Search Domain Scan URL

URL: https://www.casinositehot.com/
Title: 카지노사이트

Search URL Search Domain Scan URL

URL: https://www.casinositetop.com/
Title: 카지노사이트

Search URL Search Domain Scan URL

URL: https://www.baccaratsite.info/
Title: 카지노사이트

Search URL Search Domain Scan URL

URL: https://www.casinosite.one/
Title: 카지노사이트

Search URL Search Domain Scan URL

URL: https://www.casinosite.zone/
Title: 카지노사이트

Search URL Search Domain Scan URL

URL: http://3658wz.com/home.php?mod=space&uid=261161
Title: 날 잡아봐

Search URL Search Domain Scan URL

URL: https://lms.ilearnafrica.net/members/cirruscicada7/activity/1402480/
Title: これを無料で読む

Search URL Search Domain Scan URL

URL: https://www.empowher.com/users/matchplant8
Title: इसे मुफ्त में पढ़ें

Search URL Search Domain Scan URL

URL: https://saveyoursite.date/story.php?title=bandar-togel-online-terpercaya-polototo
Title: discuss

Search URL Search Domain Scan URL

URL: http://goqna.com/index.php?qa=user&qa_1=mapsanta43
Title: lees dit gratis

Search URL Search Domain Scan URL

URL: http://www.niubids.com/space-uid-60214.html
Title: この情報に従ってください

Search URL Search Domain Scan URL

URL: https://www.venderporinternet.org/
Title: Tod Blowe

Search URL Search Domain Scan URL

URL: http://pascal.msxall.com/index.php?title=User:GlennWoodward39
Title: چگونه اسلات برد

Search URL Search Domain Scan URL

URL: http://bookmark.yakidel.xyz/title=situs-slot-4d-deposit-pulsa-tanpa-potongan-link-slot-4d
Title: 玩老虎机

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-government-computers/ HTTP 301
https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 169

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 173

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLgSab_8KwB5oi-QhM89Ney8FVVGgvq4HhojU9So5VGSbEwhWI8w-da0EW9ydp4yCMQOZOLZBfyISfAZLp1G0O04RpHJg&google_gid=CAESELThbX2ctGesG8UIR5WMDag&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLgSab_8KwB5oi-QhM89Ney8FVVGgvq4HhojU9So5VGSbEwhWI8w-da0EW9ydp4yCMQOZOLZBfyISfAZLp1G0O04RpHJg&google_gid=CAESELThbX2ctGesG8UIR5WMDag&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MTYwNTEwNDEwMDAxNzMxMTk3NTg1MA%3D%3D&google_push=AYg5qPLgSab_8KwB5oi-QhM89Ney8FVVGgvq4HhojU9So5VGSbEwhWI8w-da0EW9ydp4yCMQOZOLZBfyISfAZLp1G0O04RpHJg

Request Chain 175

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENmK4kulcTtYziGDAJU7ixs&google_cver=1&google_push=AYg5qPIw3n9To2WNCjsYA7puCOjAAXFzQrWBnuR8WgPmgIb2kVLpZAktKOmGB847GehVWQxZlGu8RDA2jZMnsLIAkZg1ZIhNeg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENmK4kulcTtYziGDAJU7ixs&google_cver=1&google_push=AYg5qPIw3n9To2WNCjsYA7puCOjAAXFzQrWBnuR8WgPmgIb2kVLpZAktKOmGB847GehVWQxZlGu8RDA2jZMnsLIAkZg1ZIhNeg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dU7Yt5HHQQi4EjK1pfYfjw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIw3n9To2WNCjsYA7puCOjAAXFzQrWBnuR8WgPmgIb2kVLpZAktKOmGB847GehVWQxZlGu8RDA2jZMnsLIAkZg1ZIhNeg

Request Chain 176

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEdiUGjjOabr_XYOAddvQu0&google_cver=1&google_push=AYg5qPIOJwbA_lIMlae4hZiJfVWn9lSTpgaC7VPEAIEntUoKooZY9V-zEAZ1kW7dXT63QQlqHJ37NR6uSlvrqHnBO6F29H7tKeg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDIxRUk3S1YtMjYtQ0c5Nw==&google_push=AYg5qPIOJwbA_lIMlae4hZiJfVWn9lSTpgaC7VPEAIEntUoKooZY9V-zEAZ1kW7dXT63QQlqHJ37NR6uSlvrqHnBO6F29H7tKeg

Request Chain 177

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_cver=1&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1

Request Chain 180

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

207 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Redirect Chain

https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-government-computers/
https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/

334 KB
52 KB

60ms
60ms

Document
text/html

95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: e64660b5cab5d05f13db326ad72ba33875d74d642e3b7ed14a5a390863618713

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 52692
Content-Type: text/html; charset=UTF-8
Date: Sat, 16 Apr 2022 05:10:38 GMT
Expires: Sat, 16 Apr 2022 05:10:38 GMT
Keep-Alive: timeout=5, max=99
Last-Modified: Sat, 16 Apr 2022 03:06:48 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent

Redirect headers

Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sat, 16 Apr 2022 05:10:38 GMT
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Server: Apache
Vary: Accept-Encoding
X-Redirect-By: WordPress

GET
H/1.1 200
OK style.min.css
channel969.com/wp-content/cache/min/1/wp-includes/css/dist/block-library/ 53 KB
8 KB 147ms
59ms Stylesheet
text/css 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://channel969.com/wp-content/cache/min/1/wp-includes/css/dist/block-library/style.min.css?ver=1649322937
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: f047f71c23508e3236563d239e1c99d08415d933f9a784ed0d8841da54feccee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 09:15:37 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7904
Expires: Sun, 16 Apr 2023 05:10:38 GMT

GET
H/1.1 200
OK wp-automatic.css
channel969.com/wp-content/cache/min/1/wp-content/plugins/wp-automatic/css/ 2 KB
984 B 173ms
59ms Stylesheet
text/css 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://channel969.com/wp-content/cache/min/1/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1649322103
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: a2ae5e5fd0b18a88d4cf7b2b777a6c355da8a5b9ce1e697b9fc0c853215641ad

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 09:01:43 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 600
Expires: Sun, 16 Apr 2023 05:10:38 GMT

GET
H/1.1 200
OK style.css
channel969.com/wp-content/cache/min/1/wp-content/plugins/td-composer/td-multi-purpose/ 35 KB
5 KB 176ms
61ms Stylesheet
text/css 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://channel969.com/wp-content/cache/min/1/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=1649322103
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 9bf89139bf0f3c70d3c2ba25d9afe3b6e0a64dee3babec05165bde32e02167f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 09:01:43 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4788
Expires: Sun, 16 Apr 2023 05:10:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 136ms
48ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COpen+Sans%3A400&display=swap&ver=11.4.1

Requested by

Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5056b603e811f074a7efffd035bc35932342415b568e7a291723bc164d0e4422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Apr 2022 04:25:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Apr 2022 05:10:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Apr 2022 05:10:38 GMT

GET
H/1.1 200
OK style.css
channel969.com/wp-content/cache/min/1/wp-content/themes/Newspaper/ 104 KB
19 KB 181ms
64ms Stylesheet
text/css 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://channel969.com/wp-content/cache/min/1/wp-content/themes/Newspaper/style.css?ver=1649322103
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 5f924cee123be2a82752d521d71996233fe101f1d4d253230771b813baf842ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 09:01:43 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 19186
Expires: Sun, 16 Apr 2023 05:10:38 GMT

GET
H/1.1 200
OK td_legacy_main.css
channel969.com/wp-content/cache/min/1/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 126 KB
20 KB 183ms
65ms Stylesheet
text/css 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://channel969.com/wp-content/cache/min/1/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=1649322103
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 724406b473b200db421d9655d46e49f44278d5db9e06ea605dfdc24e332c6b3b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 09:01:43 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 20596
Expires: Sun, 16 Apr 2023 05:10:38 GMT

GET
H/1.1 200
OK jquery.min.js Show response
channel969.com/wp-includes/js/jquery/ 87 KB
31 KB 185ms
65ms Script
application/javascript 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://channel969.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Mar 2021 01:37:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 30908
Expires: Sun, 16 Apr 2023 05:10:38 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
channel969.com/wp-includes/js/jquery/ 11 KB
4 KB 205ms
58ms Script
application/javascript 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://channel969.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Nov 2020 19:36:06 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4169
Expires: Sun, 16 Apr 2023 05:10:38 GMT

GET
H/1.1 200
OK main-front.js Show response
channel969.com/wp-content/cache/min/1/wp-content/plugins/wp-automatic/js/ 926 B
733 B 231ms
58ms Script
application/javascript 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://channel969.com/wp-content/cache/min/1/wp-content/plugins/wp-automatic/js/main-front.js?ver=1649322103
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 6534b0c6765263da1df9c4a4935e353e6e58943768766f9ea2742258f1034613

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 09:01:43 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 336
Expires: Sun, 16 Apr 2023 05:10:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 138ms
52ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-220711408-1

Requested by

Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb2a0ae2c0d3b18e475484f41088b22175331a4582c0f0240b24e497a24d6198

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38577
x-xss-protection: 0
last-modified: Sat, 16 Apr 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 16 Apr 2022 05:10:39 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 146ms
59ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2904412359877293

Requested by

Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e280db81cac1cfdc17d6bec865c081f1b52fc9626985316e87f20901651e6bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://channel969.com/
Origin: https://channel969.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54516
x-xss-protection: 0
server: cafe
etag: 2278164487482655750
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 16 Apr 2022 05:10:39 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
channel969.com/wp-includes/js/ 18 KB
5 KB 61ms
61ms Script
application/javascript 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://channel969.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Jun 2021 07:45:12 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4930
Expires: Sun, 16 Apr 2023 05:10:38 GMT

GET
H/1.1 200
OK channel969.png
channel969.com/wp-content/uploads/2021/11/ 105 KB
106 KB 59ms
58ms Image
image/png 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://channel969.com/wp-content/uploads/2021/11/channel969.png
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 9a898df5489607e11d507a3bcf363a8472700233226e05e3b7a70621fd8faa2f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:39 GMT
Last-Modified: Tue, 16 Nov 2021 15:50:12 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=10368000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 107798
Expires: Sun, 14 Aug 2022 05:10:39 GMT

GET
H2 200 istock-614154000.jpg
d1rytvr7gmk1sx.cloudfront.net/wp-content/uploads/2017/06/ 47 KB
47 KB 128ms
47ms Image
image/jpeg 2600:9000:223e:b000:1b:5a63:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1rytvr7gmk1sx.cloudfront.net/wp-content/uploads/2017/06/istock-614154000.jpg?x57335
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:b000:1b:5a63:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dde0163a6c9a4e79d0b1e0dfebf7faa6b2745fa8b9d0e62c1a3640817eb1f981

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: cx7o5Au5jmxwIEj8MBoNgBahr6tGfECG
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
last-modified: Sat, 08 Jan 2022 04:50:02 GMT
server: AmazonS3
age: 560
etag: "ae2dc2241505729d037d6a3b09dd6578"
x-cache: Hit from cloudfront
cache-control: must-revalidate, public, max-age=1800
date: Sat, 16 Apr 2022 05:10:28 GMT
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 47732
x-amz-cf-id: 343vYMTpfq9r7_5HMO74a-cT2A1F3lxMTlySE-x9lDGIvVB_g-iO1Q==

GET
H/1.1 200
OK underscore.min.js Show response
channel969.com/wp-includes/js/ 19 KB
8 KB 64ms
64ms Script
application/javascript 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://channel969.com/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Jan 2022 00:15:43 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7316
Expires: Sun, 16 Apr 2023 05:10:38 GMT

GET
H/1.1 200
OK js_posts_autoload.min.js Show response
channel969.com/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 62ms
62ms Script
application/javascript 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://channel969.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=ecd3ae9d894693e4aa2a268d920aa306
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 11:37:19 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2011
Expires: Sun, 16 Apr 2023 05:10:38 GMT

GET
H/1.1 200
OK tagdiv_theme.min.js Show response
channel969.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 267 KB
62 KB 67ms
66ms Script
application/javascript 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://channel969.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.4.1
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 08c19272c2f4f2e9182304fa928374ca3ae0bc94b9a34e8c2dff93d6bc8882f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 11:37:05 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sun, 16 Apr 2023 05:10:38 GMT

GET
H/1.1 200
OK comment-reply.min.js Show response
channel969.com/wp-includes/js/ 3 KB
2 KB 62ms
61ms Script
application/javascript 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://channel969.com/wp-includes/js/comment-reply.min.js?ver=5.9.3
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Jan 2022 00:15:43 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1345
Expires: Sun, 16 Apr 2023 05:10:38 GMT

GET
H/1.1 200
OK js_files_for_front.min.js Show response
channel969.com/wp-content/plugins/td-cloud-library/assets/js/ 37 KB
9 KB 60ms
59ms Script
application/javascript 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://channel969.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=ecd3ae9d894693e4aa2a268d920aa306
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 3c31f194616ed5157c41e5e3ae46976fbf82a885584917b82fcfbeee0f10bf7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 11:37:19 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8634
Expires: Sun, 16 Apr 2023 05:10:38 GMT

GET
H/1.1 200
OK image.js Show response
channel969.com/wp-content/cache/min/1/wp-content/plugins/featured-image-from-url/includes/html/js/ 2 KB
1 KB 59ms
58ms Script
application/javascript 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://channel969.com/wp-content/cache/min/1/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=1649322103
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: dd7c7517af7fb44dd96afebc2dd23a21218d095db63cf5d377c5d207be473192

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 09:01:43 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 791
Expires: Sun, 16 Apr 2023 05:10:38 GMT

GET
H/1.1 200
OK black-200x300.jpg
channel969.com/wp-content/uploads/2021/11/ 8 KB
8 KB 63ms
62ms Image
image/jpeg 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://channel969.com/wp-content/uploads/2021/11/black-200x300.jpg
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: b3d266e1b4d345f2441f37970a693a6aa4ba189ab8ab04ff5195d065eaf10285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:39 GMT
Last-Modified: Tue, 16 Nov 2021 15:52:10 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=10368000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7912
Expires: Sun, 14 Aug 2022 05:10:39 GMT

GET
H/1.1 200
OK newspaper.woff
channel969.com/wp-content/themes/Newspaper/images/icons/ 28 KB
19 KB 106ms
63ms Font
font/woff 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://channel969.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
Requested by: Host: channel969.com
URL: https://channel969.com/wp-content/cache/min/1/wp-content/themes/Newspaper/style.css?ver=1649322103
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: f9105ad89b0652997872724722eb0747fbabefd60ac84c4d47c374bc27529821

Request headers

Referer: https://channel969.com/wp-content/cache/min/1/wp-content/themes/Newspaper/style.css?ver=1649322103
Origin: https://channel969.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 11:36:52 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: font/woff
Cache-Control: max-age=10368000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 18629
Expires: Sun, 14 Aug 2022 05:10:39 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 123ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COpen+Sans%3A400&display=swap&ver=11.4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://channel969.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 282309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:45:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 158ms
83ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COpen+Sans%3A400&display=swap&ver=11.4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://channel969.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 295850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Apr 2023 18:59:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 154ms
96ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COpen+Sans%3A400&display=swap&ver=11.4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://channel969.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 291764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Apr 2023 20:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 110ms
110ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7COpen+Sans%3A400&display=swap&ver=11.4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://channel969.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 257841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Apr 2023 05:33:18 GMT

GET
H2 200 3b759c99652a2c8b0222dbd3e77847a1
secure.gravatar.com/avatar/ 1 KB
2 KB 82ms
26ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/3b759c99652a2c8b0222dbd3e77847a1?s=96&d=mm&r=g
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Sat, 16 Apr 2022 05:10:39 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="3b759c99652a2c8b0222dbd3e77847a1.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/3b759c99652a2c8b0222dbd3e77847a1?s=96&d=mm&r=g>; rel="canonical"
content-length: 1528
expires: Sat, 16 Apr 2022 05:15:39 GMT

GET
H2 200 3b759c99652a2c8b0222dbd3e77847a1
secure.gravatar.com/avatar/ 2 KB
2 KB 48ms
27ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/3b759c99652a2c8b0222dbd3e77847a1?s=117&d=mm&r=g
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 96a3f4a4a2f073caf3d2f9e2cbf9f858143bcc3971d49eed7197bf5972ec1726

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Sat, 16 Apr 2022 05:10:39 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="3b759c99652a2c8b0222dbd3e77847a1.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/3b759c99652a2c8b0222dbd3e77847a1?s=117&d=mm&r=g>; rel="canonical"
content-length: 1769
expires: Sat, 16 Apr 2022 05:15:39 GMT

GET
H/1.1 200
OK footer_bg.jpg
channel969.com/wp-content/uploads/2021/11/ 105 KB
105 KB 59ms
59ms Image
image/jpeg 95.217.85.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://channel969.com/wp-content/uploads/2021/11/footer_bg.jpg
Requested by: Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.85.252 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.85.217.95.clients.your-server.de
Software: Apache /
Resource Hash: df3e843c191537e4a4d18b9164f95fb236ac5e05f5f7d7617b541b4ddbae101b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 16 Apr 2022 05:10:39 GMT
Last-Modified: Tue, 16 Nov 2021 14:09:55 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=10368000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 107659
Expires: Sun, 14 Aug 2022 05:10:39 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204130101/ 303 KB
108 KB 122ms
72ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2904412359877293&plah=channel969.com&bust=31067099

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2904412359877293

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

153664ae0197a41a7af5496b6c8f89ced381c23a57396fdcde773670a4a7c01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110839
x-xss-protection: 0
server: cafe
etag: 15208232250553385404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 16 Apr 2022 05:10:39 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/ Frame 3874 10 KB
5 KB 126ms
39ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2904412359877293

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://channel969.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 29484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 20:59:15 GMT
etag: 14837630671339829333
expires: Fri, 29 Apr 2022 20:59:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 135ms
43ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-220711408-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3208
date: Sat, 16 Apr 2022 04:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 16 Apr 2022 06:17:11 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 157 KB
58 KB 121ms
64ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NZMZWEW521&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-220711408-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

022c78f9ca1d985708b824f842a2434ab3696b867b3e683d1243cce364504150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:39 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59525
x-xss-protection: 0
expires: Sat, 16 Apr 2022 05:10:39 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
645 B 176ms
64ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=channel969.com&callback=_gfp_s_&client=ca-pub-2904412359877293

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2904412359877293&plah=channel969.com&bust=31067099

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

bb6dac605cbae56c4f283a12d9e83caadca8d4a999a781e939d66d3a74716938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 178ms
64ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=channel969.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Apr 2022 05:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 177ms
63ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=channel969.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Apr 2022 05:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 52FF 305 KB
67 KB 681ms
680ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&adk=1812271804&adf=3025194257&lmt=1650078408&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839231&bpp=3&bdt=618&idt=221&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4990468565634&frm=20&pv=2&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da29f292d7ca8bfc40fcb6b5b8a34c15ab008e5771ad377b3c7797e923871a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://channel969.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 68883
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Apr 2022 05:10:40 GMT
expires: Sat, 16 Apr 2022 05:10:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DBBA 101 KB
32 KB 682ms
682ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=3155655992&adf=1297805642&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839234&bpp=3&bdt=621&idt=251&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A8kyYZXHoa&p=https%3A//channel969.com&dtd=258

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ee85d2f8f6de1d7920014c32c148fe71a9ed8560887a14e56ae1ccd19d82794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://channel969.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32372
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Apr 2022 05:10:40 GMT
expires: Sat, 16 Apr 2022 05:10:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 143ms
64ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NZMZWEW521&gtm=2oe4d0&_p=456760617&sr=1600x1200&_z=ccd.ALB&gdid=dZTNiMT&ul=en-us&cid=1169994059.1650085839&_s=1&dl=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&dt=Attackers%20unleash%20LockBit%20ransomware%20on%20US%20authorities%20computer%20systems%20-%20Channel969&sid=1650085839&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NZMZWEW521&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 05:10:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://channel969.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 134ms
64ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=456760617&t=pageview&_s=1&dl=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&ul=en-us&de=UTF-8&dt=Attackers%20unleash%20LockBit%20ransomware%20on%20US%20authorities%20computer%20systems%20-%20Channel969&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAAC~&jid=482628600&gjid=1887135161&cid=1169994059.1650085839&tid=UA-220711408-1&_gid=1044677511.1650085840&_r=1&gtm=2ou4d0&did=dZTNiMT&gdid=dZTNiMT&z=1624850200

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://channel969.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 05:10:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://channel969.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4A39 102 KB
32 KB 484ms
483ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1626895161&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839237&bpp=1&bdt=623&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hBYKUl2Un8&p=https%3A//channel969.com&dtd=289

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dedc7b6f50f2355cde6c50d6d22ea42e43935569f28b8267b41815aef5f98460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://channel969.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32740
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Apr 2022 05:10:39 GMT
expires: Sat, 16 Apr 2022 05:10:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 47FC 26 KB
10 KB 460ms
459ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1843087828&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839238&bpp=1&bdt=625&idt=290&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2759&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3OQ1mBlxFZ&p=https%3A//channel969.com&dtd=294

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9983b09edd20a784c1cbbc45cf491a1aa36a8c135ba6ee4130233411a039b982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://channel969.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10675
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Apr 2022 05:10:39 GMT
expires: Sat, 16 Apr 2022 05:10:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 590D 107 KB
34 KB 564ms
564ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d5fbdecffbcf4b09fc5b12895527b855bd9f569968b18ea1e38cd360d6ea8c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://channel969.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34336
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Apr 2022 05:10:40 GMT
expires: Sat, 16 Apr 2022 05:10:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 47FC 3 KB
1 KB 160ms
75ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1843087828&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839238&bpp=1&bdt=625&idt=290&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2759&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3OQ1mBlxFZ&p=https%3A//channel969.com&dtd=294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 05:06:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47FC 119 KB
37 KB 135ms
51ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Apr 2022 05:10:40 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 47FC 15 KB
7 KB 121ms
37ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 05:09:54 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 47FC 0
0 81ms
80ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQpqaz09aYv6tI-PVxgOsppfwC-SP0rFc55HiiIgBwI23ARABIABguwaCARdjYS1wdWItMjkwNDQxMjM1OTg3NzI5M6ABvdSI6wPIAQmpAibls-2R6bU-qAMBqgSPAk_QTUwIXpCv24eVSA2XWElDVJgY6JkahDuRigpq16kArjawrMlqYYhjzzm5j_cSdbG3nQ3I_9NrPzg95u72rCwxrtYG7i5zhD8bFwF_Tp25W1KoE3JR3s4zyJuf5bCDNMApGAOnE2LcFzrIMIJWjPEai78Xi9Wt5i3mWunkhFCrRqFAjJpD0Q0pJ9Dmwrg4Ew9QtALifgSv9xM9WaWN7nDvKWnEg3ih672eoq_7vqmXoXnr6huOqyXvyd-8zAnnHs2LkeNG3YAUjVZhCczLWIXyC1xUbmosbn35cwqhlsB997TX1jkkAvyY382o27thKtf2QABSwJlOfwsQpQpOHTR02YQ9PWgIrGKB-nwToi-ABvnDtM38ounhwgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yOTA0NDEyMzU5ODc3MjkzGAA&sigh=VJvmDvpJUic&uach_m=[UACH]&cid=CAQSGwCNIrLMjSOlk7kNAWlOuSK7uIF7cg7hbLqUlhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1843087828&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839238&bpp=1&bdt=625&idt=290&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2759&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=3OQ1mBlxFZ&p=https%3A//channel969.com&dtd=294
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 16 Apr 2022 05:10:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 16 Apr 2022 05:10:40 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 47FC 0
0 100ms
33ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UMvMEL_6RLgFrgGH-lcYAgAAAMBkqQ7SfuCQEM9PWmJ4nFdLlkjjRivPhwAS&wp=YlpPzwAI1v4KcarjAAXTLCdFowj5k9H35kHCdA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 283330
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6608 150 KB
50 KB 192ms
126ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YlpPzwAI1v4KcarjAAXTLCdFowj5k9H35kHCdA&u=%7CKHXYL1UObEjA9sTptOIfsQbnWmfMkQi8JBYWD8Ge7LI%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiDWOdbckAfiVYI8AZzv_qXs69smOeLK2AEXVyc_h8p5eI-8US0cfqU8TyjEvbuRwNUUdweYU1v7-UMM4luA3OOXbK8j8k05ZMwB4xuT6VeVmR9jLrC3mKrkRNNPXkfWbpC5WoSEG2LL03Zk-xrzVW9NdZES3NPaAOsWcGPXNcb1PVz7E5LyuS7t4xDK8ZI1IPSPCdt9Fi8e2x_e6rqBLMdk8rYewhBh6BS5fntzcuKwni7s1zJ0YS-8dcOY7m2E0QUfFNbWSQFRsJDaUz0qfp_mMRcNYH-pxm_incR4NE5rRVRkDRzbFTnI2ryaX4gAokNiUE6VTLxho3MGR7ix5JIsiKUlvD5BUwwFL02HmnY-Cxpsb6KjCOB1SKelQ4C4afZkVH06kqv5wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkfVkz09aYv6tI-PVxgOsppfwC-SP0rFc55HiiIgBwI23ARABIABguwaCARdjYS1wdWItMjkwNDQxMjM1OTg3NzI5M6ABvdSI6wPIAQmpAibls-2R6bU-qAMBqgSSAk_QTUwIXpCv24eVSA2XWElDVJgY6JkahDuRigpq16kArjawrMlqYYhjzzm5j_cSdbG3nQ3I_9NrPzg95u72rCwxrtYG7i5zhD8bFwF_Tp25W1KoE3JR3s4zyJuf5bCDNMApGAOnE2LcFzrIMIJWjPEai78Xi9Wt5i3mWunkhFCrRqFAjJpD0Q0pJ9Dmwrg4Ew9QtALifgSv9xM9WaWN7nDvKWnEg3ih672eoq_7vqmXoXnr6huOqyXvyd-8zAnnHs2LkeNG3YAUjVZhCczLWIXyC1xUbmosbn35cwqhlsB997TX1jkkAvyYnc-JSWjD2NJlsg_KQ_3S1AgEr7ZEMyyvVx9Zocm3sk6ZK_v5p7y1lQCABvnDtM38ounhwgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2RBxmt76AyS7wFiVfIddap7pXGZg%26client%3Dca-pub-2904412359877293%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c302f858d0e858df4f858bc29c75f5b370634c9d60c69a1c17ca0b02ee5eacc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 16 Apr 2022 05:10:39 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=BHnqoFbSzrWNMtSqLZ6VyrzkbFd_sqS2kRWGHopx-9WtuBTNuvrbkMdynA3hUtELknGf2OR38Mws9gZ8X-6IgTlCBiJTb-Q21soJYmE4YSQbHoyTyeAR8ynIDeQ7P_a8_7w6o9kZWnXPfoJpyFVahKyrC2Qug31AvibpWjPpOCkjQwb8xHT3Eh_y27uTxS-13r3eIiWdG2L14NnMsEfG1qrRNWptb6P5kv-fsGgbpvlo54VUfDjjj1fBHjEgpT789eg6-Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 93857645
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 css
fonts.googleapis.com/ Frame 4A39 2 KB
532 B 90ms
45ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1626895161&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839237&bpp=1&bdt=623&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hBYKUl2Un8&p=https%3A//channel969.com&dtd=289

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Apr 2022 03:21:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Apr 2022 05:10:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Apr 2022 05:10:40 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 4A39 2 KB
984 B 146ms
75ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1626895161&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839237&bpp=1&bdt=623&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hBYKUl2Un8&p=https%3A//channel969.com&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 04:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 04:46:46 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 4A39 19 KB
8 KB 112ms
41ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1626895161&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839237&bpp=1&bdt=623&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hBYKUl2Un8&p=https%3A//channel969.com&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 04:59:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 04:59:08 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 4A39 3 KB
1 KB 140ms
73ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1626895161&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839237&bpp=1&bdt=623&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hBYKUl2Un8&p=https%3A//channel969.com&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 05:06:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A39 119 KB
36 KB 167ms
96ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1626895161&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839237&bpp=1&bdt=623&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hBYKUl2Un8&p=https%3A//channel969.com&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Apr 2022 05:10:40 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 4A39 15 KB
6 KB 118ms
47ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1626895161&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839237&bpp=1&bdt=623&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hBYKUl2Un8&p=https%3A//channel969.com&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 05:09:54 GMT

GET
H2 200 fb084ba56019ecef1e967c41e75d05fd.js Show response
www.gstatic.com/mysidia/ Frame 4A39 29 KB
12 KB 122ms
39ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fb084ba56019ecef1e967c41e75d05fd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1626895161&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839237&bpp=1&bdt=623&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hBYKUl2Un8&p=https%3A//channel969.com&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 08:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 03:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 08:37:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4A39 0
0 81ms
80ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTp5Yz09aYuL3IqjE1fAPm7KK0AGJ_PTIaaOMnd6lDIijpJjJIRABIMGs748BYLsGoAHukdPNA8gBCagDAcgDywSqBJgCT9CwnybD4iVEiqc1SnaGOLeXwvzqwEQIphrb4O3msC4UzjFufg7YibgX-hb74ghfl06fEarlSXheSqQP1-oLw21uPB2cZOQ_i9qkkSJshhMgkPB3OdeZluGtd9RW5-8y-xqxou42vwa8XO8frmTxLQnsZIViwkvNwNtWp3QcsQYRiAktjNifWYxEsPsZ1RxomolE9O7Ld-WGfqcTn2QAts9ncWaxSy8btcXofUMjOBSfBzE7_lIedk3PXE-if2dHzHCcewgaQhxwJ9fKds7_qO636bkpMY6-c1naUhbQdYZOX4m3rvQckzZshAMzn-_DXkUpEsHcO7kkabEFxacFAq07uBKV3_-7p1WXDuTOokPlDsQHODHubsAE1Pizv6wDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_rul2SoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQlv8C0ggJCIDhgBAQARgfgAoByAsB2BMO0BUBgBcBshccChoIABIUcHViLTI5MDQ0MTIzNTk4NzcyOTMYAA&sigh=W5Gha0JRRes&uach_m=[UACH]&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1626895161&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839237&bpp=1&bdt=623&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hBYKUl2Un8&p=https%3A//channel969.com&dtd=289

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1626895161&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839237&bpp=1&bdt=623&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hBYKUl2Un8&p=https%3A//channel969.com&dtd=289
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 16 Apr 2022 05:10:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 16 Apr 2022 05:10:40 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 4A39 22 KB
23 KB 149ms
38ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTC0npdpQeEPurM1nJaiZMixJ826KSdctq9pfGJ21yztEcQGw0&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1626895161&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839237&bpp=1&bdt=623&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hBYKUl2Un8&p=https%3A//channel969.com&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8cdd849a5c19b005bb94214253450e9416d335d1dcaa9724f726065e72d8f25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 11:51:50 GMT
x-content-type-options: nosniff
age: 235130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23005
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 02:55:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 13 Apr 2023 11:51:50 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 4A39 29 KB
30 KB 127ms
38ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSDN5MhUyJWX-aNjSV6GBJ8lYd2RtYKZQN9NdLNXk4Hc2vE2DgnuwVbVwQSx9k&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1626895161&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839237&bpp=1&bdt=623&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hBYKUl2Un8&p=https%3A//channel969.com&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53fe2341c73b440e0670100f6133d527afb0832804b9538bba17b6d1ba6d3fcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:19:46 GMT
x-content-type-options: nosniff
age: 125454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29978
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 01:36:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 14 Apr 2023 18:19:46 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 4A39 18 KB
18 KB 186ms
76ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTU6hPdDysXeG9-A7mzgy-tKjVZ8fKz2KyqNjNlfTyM6mrf6zhZ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1626895161&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839237&bpp=1&bdt=623&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hBYKUl2Un8&p=https%3A//channel969.com&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823f6032305201cec1d828ded97fe08b9392ea3113ee6bd38edeb171891ad4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 10:06:42 GMT
x-content-type-options: nosniff
age: 327838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18123
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 01:48:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 12 Apr 2023 10:06:42 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 4A39 24 KB
24 KB 167ms
79ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRrxR9eP5Y2KTjD3oBiiW2cgCEbi9Lu5-D7D8hx_LSGm0DsT5TgJWJG-UVULA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1626895161&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839237&bpp=1&bdt=623&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hBYKUl2Un8&p=https%3A//channel969.com&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7ae9159752c1e5f90f6753c4534a01190784bd11a0730a79f631f8f8e4bea5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 10:53:17 GMT
x-content-type-options: nosniff
age: 497843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24735
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 16:37:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 10 Apr 2023 10:53:17 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 4A39 37 KB
38 KB 128ms
39ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSVWnOjrhGy7DGVsEJ9xe0jbUAFb-W0fXRoiiZD3M4aYxZLYzrJmd-4zZpoVO0&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1626895161&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839237&bpp=1&bdt=623&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hBYKUl2Un8&p=https%3A//channel969.com&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e62a82e9d7351e0bda141d3911010e70f2b4bcb5c201570287b808a74e39617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 07:51:24 GMT
x-content-type-options: nosniff
age: 335956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37967
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 15:07:38 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 12 Apr 2023 07:51:24 GMT

GET
H2 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 590D 9 KB
4 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 03:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 03:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Jul 2022 03:02:07 GMT

GET
H2 200 c9c91212f902e26e0abfd6c177be8d65.js Show response
www.gstatic.com/mysidia/ Frame 590D 15 KB
6 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c9c91212f902e26e0abfd6c177be8d65.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9630fb775d7c0da347a1f70198e3235c9590548e64bc5c6d40da5f409da44f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 08:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6113
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 03:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 08:37:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 590D 2 KB
532 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Apr 2022 03:20:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Apr 2022 05:10:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Apr 2022 05:10:40 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 590D 2 KB
904 B 38ms
37ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 04:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 04:46:46 GMT

GET
H2 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame 590D 6 KB
2 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 08:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 03:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 08:37:13 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 590D 19 KB
8 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 04:59:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 04:59:08 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 590D 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 05:06:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 590D 119 KB
36 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Apr 2022 05:10:40 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 590D 15 KB
6 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 05:09:54 GMT

GET
H3 200 fb084ba56019ecef1e967c41e75d05fd.js Show response
www.gstatic.com/mysidia/ Frame 590D 29 KB
12 KB 77ms
37ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fb084ba56019ecef1e967c41e75d05fd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 08:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 03:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 08:37:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DBBA 2 KB
532 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=3155655992&adf=1297805642&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839234&bpp=3&bdt=621&idt=251&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A8kyYZXHoa&p=https%3A//channel969.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Apr 2022 03:19:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Apr 2022 05:10:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Apr 2022 05:10:40 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame DBBA 2 KB
904 B 98ms
49ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=3155655992&adf=1297805642&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839234&bpp=3&bdt=621&idt=251&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A8kyYZXHoa&p=https%3A//channel969.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 04:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 04:46:46 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame DBBA 19 KB
8 KB 86ms
37ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=3155655992&adf=1297805642&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839234&bpp=3&bdt=621&idt=251&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A8kyYZXHoa&p=https%3A//channel969.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 04:59:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 04:59:08 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame DBBA 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=3155655992&adf=1297805642&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839234&bpp=3&bdt=621&idt=251&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A8kyYZXHoa&p=https%3A//channel969.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 05:06:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBBA 119 KB
36 KB 111ms
63ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=3155655992&adf=1297805642&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839234&bpp=3&bdt=621&idt=251&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A8kyYZXHoa&p=https%3A//channel969.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Apr 2022 05:10:40 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame DBBA 15 KB
6 KB 89ms
41ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=3155655992&adf=1297805642&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839234&bpp=3&bdt=621&idt=251&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A8kyYZXHoa&p=https%3A//channel969.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 05:07:16 GMT

GET
H3 200 fb084ba56019ecef1e967c41e75d05fd.js Show response
www.gstatic.com/mysidia/ Frame DBBA 29 KB
12 KB 86ms
39ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fb084ba56019ecef1e967c41e75d05fd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=3155655992&adf=1297805642&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839234&bpp=3&bdt=621&idt=251&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A8kyYZXHoa&p=https%3A//channel969.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 08:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 03:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 08:37:13 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204130101/ 145 KB
51 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204130101/reactive_library_fy2019.js?bust=31067099

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f249ab516e3952bb15ca40c3e63bc39803dcee5dba1ab5886968a395b2b3f8d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52671
x-xss-protection: 0
server: cafe
etag: 16138699635241611736
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Apr 2022 05:10:40 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 71ms
70ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-2904412359877293&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076

Requested by

Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 05:10:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
70ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=1&wpc=ca-pub-2904412359877293&warn=12%2C13&w=1600&h=1200&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20220413_113512&sat=1649944656761&afm=0&as_count=4&d_count=0&ng_count=0&am_count=1&atf_count=1&mdns=0.108&alldns=0.147&allp=45&fd=(0%2C6%2C1)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=6439&abl=false&rr=n&su=channel969.com&pvc=2348396979257721&r=0.1&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076

Requested by

Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 05:10:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 91ms
45ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=channel969.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Apr 2022 05:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 92ms
46ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=channel969.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Apr 2022 05:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3823 74 KB
30 KB 404ms
403ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=250&adk=808100125&adf=2120853193&pi=t.aa~a.1657493707~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1650078408&rafmt=1&to=qs&pwprc=1883578286&psa=0&format=324x250&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085840214&bpp=1&bdt=1601&idt=1&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e29d7385b10080a-221d609177cd001c%3AT%3D1650085839%3ART%3D1650085839%3AS%3DALNI_MboVmrAygBzne02uZcdaVqwaNGNug&prev_fmts=0x0%2C696x174%2C696x174%2C696x174%2C696x174&nras=2&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=i9Yq7YnklS&p=https%3A//channel969.com&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

409c9202cc5910df851feeae2e58ae241aad2bbe585fc191d1afc82c27375213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://channel969.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 31186
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Apr 2022 05:10:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DBBA 0
0 80ms
79ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeGoNz09aYoTuIN-O1fAP28Wa2AqJ_PTIaaOMnd6lDIijpJjJIRABIMGs748BYLsGoAHukdPNA8gBCagDAcgDywSqBJgCT9Cl8LDMlWmmJqABusUmYo49V59sTgGPDfhVhQtp8b_QOHoG2-L5-dtT2nnJtuXF5GZPHW71fNULTLoL87edZ7MwgNaiKpmW6HBW8mSW9-GcEJis8VwfensMu7HleVgCCoMwxCRE5To4CpZ7yCy6c3y39ZFPNPXO0fuMLUoFxot4AKrA53oAQEbasNR6YDnQOrJjVbAHlDrQ3Bd12S9i0STkqrUDIVUlPyR-NPJwctM6jdTSliSYIV46R52pcAtUnJoo7HgEgSArFZCuORcM_Ed5SHPoXZd244WRQtfii9yM7H-_BHaEkeXhfXfcnt14EvTMvH3mZhu-BGEj4xlfk_ejzvf3nKJQVQhBj2UKsFUKQBsH6OJl4MAE1Pizv6wDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_rul2SoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ7PgG0ggJCIDhgBAQARgfgAoByAsB2BMO0BUBgBcBshccChoIABIUcHViLTI5MDQ0MTIzNTk4NzcyOTMYAA&sigh=rbqUj-ec0I0&uach_m=[UACH]&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=3155655992&adf=1297805642&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839234&bpp=3&bdt=621&idt=251&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A8kyYZXHoa&p=https%3A//channel969.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=3155655992&adf=1297805642&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839234&bpp=3&bdt=621&idt=251&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A8kyYZXHoa&p=https%3A//channel969.com&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 16 Apr 2022 05:10:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 590D 29 KB
29 KB 116ms
70ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSDN5MhUyJWX-aNjSV6GBJ8lYd2RtYKZQN9NdLNXk4Hc2vE2DgnuwVbVwQSx9k&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53fe2341c73b440e0670100f6133d527afb0832804b9538bba17b6d1ba6d3fcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:19:46 GMT
x-content-type-options: nosniff
age: 125454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29978
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 01:36:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 14 Apr 2023 18:19:46 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 590D 24 KB
24 KB 82ms
38ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRrxR9eP5Y2KTjD3oBiiW2cgCEbi9Lu5-D7D8hx_LSGm0DsT5TgJWJG-UVULA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7ae9159752c1e5f90f6753c4534a01190784bd11a0730a79f631f8f8e4bea5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 10:53:17 GMT
x-content-type-options: nosniff
age: 497843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24735
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 16:37:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 10 Apr 2023 10:53:17 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 590D 22 KB
22 KB 88ms
41ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTC0npdpQeEPurM1nJaiZMixJ826KSdctq9pfGJ21yztEcQGw0&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8cdd849a5c19b005bb94214253450e9416d335d1dcaa9724f726065e72d8f25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 11:51:50 GMT
x-content-type-options: nosniff
age: 235130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23005
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 02:55:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 13 Apr 2023 11:51:50 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 590D 18 KB
18 KB 103ms
56ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTU6hPdDysXeG9-A7mzgy-tKjVZ8fKz2KyqNjNlfTyM6mrf6zhZ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823f6032305201cec1d828ded97fe08b9392ea3113ee6bd38edeb171891ad4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 10:06:42 GMT
x-content-type-options: nosniff
age: 327838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18123
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 01:48:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 12 Apr 2023 10:06:42 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame 590D 43 KB
43 KB 85ms
38ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQhcjCe25zfSXpXtB94zc9GGRXtRPUcuU1_sE8A9ddEgxTi3M5yG0tvPdfyPw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4096a1cffad010f0e099e84eff3a77773f30f4a00374a08655f1698fdd81fb6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 13:58:08 GMT
x-content-type-options: nosniff
age: 400352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43986
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 03:02:50 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 11 Apr 2023 13:58:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 590D 0
0 84ms
82ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtCM3z09aYpThI5PexgOQ14GICYn89Mhpo4yd3qUMiKOkmMkhEAEgwazvjwFguwagAe6R080DyAEJqAMByAPLBKoEmAJP0Df5tNfmSNNISW49kvZLLT-VHOx4IBHHlFafmWuDqbqXflZoBnJjnRu6PjOgl4pAva28AuQD8vTHEK6ff7nFp-QXLVsiU8PQN1MOeBiwRRJm6HHBs2A6GvE3OtL7EMQvwtSJDtQBwztijOxikdqycThs66mRd85ZU0mdCWi1vvhMze4J8E-vEODZJ_ZVDk2bMhXuV7aWNV6-eeNqDnqEibnkDGWZI7xrxpu28rmzMNYf3LgQI8SOGyjgiMkQv2YpzWkdCXzn_YmMIeSyxb6O90ug7CiAVsr7I0XWwm1nfbPajAcJFtf9XKKIwDo5l94oOezgPdDuPhpvQ1-olF-AvfZBxLG4x2ej0ckrXP8yxp0D8aIhsrjPwATU-LO_rAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-u6XZKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBD6jAbSCAkIgOGAEBABGB-ACgHICwHYEw7QFQGAFwGyFxwKGggAEhRwdWItMjkwNDQxMjM1OTg3NzI5MxgA&sigh=8ridITgVUSY&uach_m=[UACH]&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 16 Apr 2022 05:10:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame DBBA 29 KB
29 KB 95ms
56ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSDN5MhUyJWX-aNjSV6GBJ8lYd2RtYKZQN9NdLNXk4Hc2vE2DgnuwVbVwQSx9k&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=3155655992&adf=1297805642&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839234&bpp=3&bdt=621&idt=251&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A8kyYZXHoa&p=https%3A//channel969.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53fe2341c73b440e0670100f6133d527afb0832804b9538bba17b6d1ba6d3fcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 18:19:46 GMT
x-content-type-options: nosniff
age: 125454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29978
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 01:36:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 14 Apr 2023 18:19:46 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame DBBA 24 KB
24 KB 81ms
43ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRrxR9eP5Y2KTjD3oBiiW2cgCEbi9Lu5-D7D8hx_LSGm0DsT5TgJWJG-UVULA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=3155655992&adf=1297805642&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839234&bpp=3&bdt=621&idt=251&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A8kyYZXHoa&p=https%3A//channel969.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7ae9159752c1e5f90f6753c4534a01190784bd11a0730a79f631f8f8e4bea5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 10:53:17 GMT
x-content-type-options: nosniff
age: 497843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24735
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 16:37:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 10 Apr 2023 10:53:17 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame DBBA 22 KB
22 KB 79ms
39ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTC0npdpQeEPurM1nJaiZMixJ826KSdctq9pfGJ21yztEcQGw0&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=3155655992&adf=1297805642&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839234&bpp=3&bdt=621&idt=251&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A8kyYZXHoa&p=https%3A//channel969.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8cdd849a5c19b005bb94214253450e9416d335d1dcaa9724f726065e72d8f25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 11:51:50 GMT
x-content-type-options: nosniff
age: 235130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23005
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 02:55:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 13 Apr 2023 11:51:50 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame DBBA 18 KB
18 KB 110ms
69ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTU6hPdDysXeG9-A7mzgy-tKjVZ8fKz2KyqNjNlfTyM6mrf6zhZ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=3155655992&adf=1297805642&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839234&bpp=3&bdt=621&idt=251&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A8kyYZXHoa&p=https%3A//channel969.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823f6032305201cec1d828ded97fe08b9392ea3113ee6bd38edeb171891ad4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 10:06:42 GMT
x-content-type-options: nosniff
age: 327838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18123
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 01:48:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 12 Apr 2023 10:06:42 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame DBBA 43 KB
43 KB 83ms
41ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQhcjCe25zfSXpXtB94zc9GGRXtRPUcuU1_sE8A9ddEgxTi3M5yG0tvPdfyPw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=3155655992&adf=1297805642&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839234&bpp=3&bdt=621&idt=251&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A8kyYZXHoa&p=https%3A//channel969.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4096a1cffad010f0e099e84eff3a77773f30f4a00374a08655f1698fdd81fb6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 13:58:08 GMT
x-content-type-options: nosniff
age: 400352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43986
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 03:02:50 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 11 Apr 2023 13:58:08 GMT

GET
DATA 200
OK truncated
/ Frame 47FC 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cebaa85608d8bfd65f643037b2730000c81ffb577c9b43e3b297e257b01cca92

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6608 2 KB
1 KB 99ms
33ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YlpPzwAI1v4KcarjAAXTLCdFowj5k9H35kHCdA&u=%7CKHXYL1UObEjA9sTptOIfsQbnWmfMkQi8JBYWD8Ge7LI%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiDWOdbckAfiVYI8AZzv_qXs69smOeLK2AEXVyc_h8p5eI-8US0cfqU8TyjEvbuRwNUUdweYU1v7-UMM4luA3OOXbK8j8k05ZMwB4xuT6VeVmR9jLrC3mKrkRNNPXkfWbpC5WoSEG2LL03Zk-xrzVW9NdZES3NPaAOsWcGPXNcb1PVz7E5LyuS7t4xDK8ZI1IPSPCdt9Fi8e2x_e6rqBLMdk8rYewhBh6BS5fntzcuKwni7s1zJ0YS-8dcOY7m2E0QUfFNbWSQFRsJDaUz0qfp_mMRcNYH-pxm_incR4NE5rRVRkDRzbFTnI2ryaX4gAokNiUE6VTLxho3MGR7ix5JIsiKUlvD5BUwwFL02HmnY-Cxpsb6KjCOB1SKelQ4C4afZkVH06kqv5wg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkfVkz09aYv6tI-PVxgOsppfwC-SP0rFc55HiiIgBwI23ARABIABguwaCARdjYS1wdWItMjkwNDQxMjM1OTg3NzI5M6ABvdSI6wPIAQmpAibls-2R6bU-qAMBqgSSAk_QTUwIXpCv24eVSA2XWElDVJgY6JkahDuRigpq16kArjawrMlqYYhjzzm5j_cSdbG3nQ3I_9NrPzg95u72rCwxrtYG7i5zhD8bFwF_Tp25W1KoE3JR3s4zyJuf5bCDNMApGAOnE2LcFzrIMIJWjPEai78Xi9Wt5i3mWunkhFCrRqFAjJpD0Q0pJ9Dmwrg4Ew9QtALifgSv9xM9WaWN7nDvKWnEg3ih672eoq_7vqmXoXnr6huOqyXvyd-8zAnnHs2LkeNG3YAUjVZhCczLWIXyC1xUbmosbn35cwqhlsB997TX1jkkAvyYnc-JSWjD2NJlsg_KQ_3S1AgEr7ZEMyyvVx9Zocm3sk6ZK_v5p7y1lQCABvnDtM38ounhwgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2RBxmt76AyS7wFiVfIddap7pXGZg%26client%3Dca-pub-2904412359877293%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Apr 2023 05:10:40 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 6608 2 KB
1 KB 98ms
33ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Apr 2023 05:10:40 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6608 308 B
637 B 85ms
32ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 11 Apr 2023 05:10:40 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 6608 507 B
835 B 87ms
34ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Tue, 11 Apr 2023 05:10:40 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 6608 43 B
348 B 103ms
35ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=OEXROWjMT0uUVlcwwBjgAUC2GPraqRYlpj4bHpHwhpp_-SlgGjcvyleQhg8RGKN51br3cxvXUy7IevI4fgkBijsxSY97GdCw9-tJSuaOJ4zFTzb85wl6jC-S9jDdUhKszD0cty5iHVujOsO4iCJnhM12570FN2SNIx61amg4tWUEWAmcvjlYgIbRClccABXKtcc6J7y_bfJieg1CkxWzk_dYWk8iu4EoUh4HSiUSXRkVkWr6SPaeXbYrZCnP7Fvu6X8AH5_PC8dbDQkgqpjiioKgIWpoeS0T16YiTR2YUSLMUyW-aguTZb7hm18yrVZNzjdCGjogRM7jRVz1yijlA87vTm5kSNtlOYxj9aFiF5-MVjHbh3IKXobhPDjOhjvs_Dea-ydKIW1OVpsDDzUxf7-yj2OPPn9O6UoJBa8Nzc-HkoLGZhZVfgVxV7gb3y7CPmGplg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 05:10:39 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3477686
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4A39 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c7da29e6a44aa8b6a257043f432cb03532aebcd32763d8eccf4f47e17cdc74d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 590D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bffa5bfe818ea6b967ab9776909ded4242c0f20500875fa52ad4714b5576c08

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
69ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-2904412359877293&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076

Requested by

Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 05:10:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/ Frame 6A95 10 KB
4 KB 37ms
37ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://channel969.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 28320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 21:18:40 GMT
etag: 14837630671339829333
expires: Fri, 29 Apr 2022 21:18:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/ Frame 053D 10 KB
4 KB 37ms
37ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://channel969.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 28320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 21:18:40 GMT
etag: 14837630671339829333
expires: Fri, 29 Apr 2022 21:18:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DBBA 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba04c7a8d3c849ed7c90695c91f8e407b0e4f2084e6fd08adc05dd7732c02626

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame 4A39 20 KB
20 KB 96ms
41ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 19:31:22 GMT
x-content-type-options: nosniff
age: 207558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 19:31:22 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6608 12 KB
5 KB 87ms
32ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6161490
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEPFuz4LaJBGrSWYal4NzhRM%2FVGo%2BIbibjdPb97hpYMJeuQV%2BIjhkWcsc9jRQrzQrR0FHa9k55WH75eR3NBiKMt2FokriMVjzh6pPRVEcodr9wt1uZih0qdBw609zFcyU887O9RJuZfnDN9uzyccp5%2Fc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fca6a771b9d7753-LHR
expires: Thu, 06 Apr 2023 05:10:40 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6608 12 KB
6 KB 40ms
40ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Apr 2023 05:10:40 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6608 13 KB
13 KB 143ms
70ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=344&m=0&partner=65059&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F65059%2F210330%2F6c528a63f71c4d72a0d8e9687e87328d_logo_vertical_03.png&v=3&w=360&s=ExQle5kvowaCoh8aJNejT34l

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8b5abf902c157c372285a8277bd336ce30ac5efe1422a610d3b89e8024174e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30241006
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 13506
expires: Sat, 01 Apr 2023 05:27:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6608 29 KB
30 KB 106ms
32ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65059&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fo%2F_orion-3000_po3-630_gl_gallery_main_usb_dg.e2cek.00n.png&v=3&w=400&s=evBVPT6aiFnoBhYl0cq3HJQ1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

58d260c57004679defa1dbbf59b59df7bc1df71b6b664767b9bc0f4e76de9f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=298992
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 29938
expires: Tue, 19 Apr 2022 16:13:52 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6608 10 KB
10 KB 172ms
99ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65059&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fs%2F_swift-3-sf314-511-fpbl-sv_1000main.png&v=3&w=400&s=wPQb25SDA2qBmtEcFdLNXYs_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2a88596d8c0a225f0cdf6b710209c1089865da2d0785d38f21dbc0e3068945ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=580589
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 10106
expires: Fri, 22 Apr 2022 22:27:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6608 10 KB
10 KB 177ms
104ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65059&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fa%2F_acer-aspire-5_a517-52-52g_fp-backlit_silver_1000main_nx.aarek.004.png&v=3&w=400&s=-lmkvzWVsQNXLHbkFSraQnwJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bbf18ae550d420504652ee7304deb5b21ae4c2e500bbd0e13489298a6b9a314d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=869185
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9828
expires: Tue, 26 Apr 2022 06:37:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6608 28 KB
29 KB 185ms
113ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65059&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fa%2F_acer-spin-3_sp314-54n_wp_fp_silver_modelmain_pen_nx.hq7ek.003.png&v=3&w=400&s=7ngXao_TFgNt_OsUsrnd6MaJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

58c486410327935edee0c88f48524bed22efb851f1297de45141491d6a2c025b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=1008107
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 28915
expires: Wed, 27 Apr 2022 21:12:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6608 14 KB
14 KB 192ms
119ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65059&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fn%2F_nitro-5-an517-54-bl-rgb_1000main_nh.qf7ek.005.png&v=3&w=400&s=j-ywGC_1FKDDzxQHgvfqYCS4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

af97a127628876cab5f8f369c2523e2b7b321297ad728f01a806e7c78f605dd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=993547
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 14368
expires: Wed, 27 Apr 2022 17:09:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6608 10 KB
10 KB 97ms
96ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65059&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fe%2F_extensa-15-ex215-54-54g-bk_1000main_nx.egjek.00a.png&v=3&w=400&s=KaPl_II6AeByggjtsiDvKyFW&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ecaaeea6f052e64589d8acd2e3c5ec361b9ccf162d2953f2174c16a73a1f490c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=491119
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 10010
expires: Thu, 21 Apr 2022 21:36:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6608 0
128 B 106ms
34ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=BHnqoFbSzrWNMtSqLZ6VyrzkbFd_sqS2kRWGHopx-9WtuBTNuvrbkMdynA3hUtELknGf2OR38Mws9gZ8X-6IgTlCBiJTb-Q21soJYmE4YSQbHoyTyeAR8ynIDeQ7P_a8_7w6o9kZWnXPfoJpyFVahKyrC2Qug31AvibpWjPpOCkjQwb8xHT3Eh_y27uTxS-13r3eIiWdG2L14NnMsEfG1qrRNWptb6P5kv-fsGgbpvlo54VUfDjjj1fBHjEgpT789eg6-Q&sds=2&rev=81123&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 16 Apr 2022 05:10:40 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6608 2 KB
1 KB 35ms
34ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Apr 2023 05:10:40 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6608 2 KB
1 KB 34ms
33ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Apr 2023 05:10:40 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame DBBA 20 KB
20 KB 48ms
45ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 19:31:22 GMT
x-content-type-options: nosniff
age: 207558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 19:31:22 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame 590D 20 KB
20 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 19:31:22 GMT
x-content-type-options: nosniff
age: 207558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 19:31:22 GMT

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 72F9 35 KB
13 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1835305083&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839239&bpp=1&bdt=626&idt=295&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174%2C696x174%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7owMyiAjjt&p=https%3A//channel969.com&dtd=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 22:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 22:46:52 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 6A95 4 KB
634 B 46ms
46ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Apr 2022 03:19:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Apr 2022 05:10:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Apr 2022 05:10:40 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6A95 205 B
229 B 37ms
37ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 03:11:12 GMT
x-content-type-options: nosniff
age: 7168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Apr 2023 03:11:12 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6A95 604 B
629 B 38ms
37ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 00:22:53 GMT
x-content-type-options: nosniff
age: 17267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Apr 2023 00:22:53 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame 6A95 19 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 13275616604445095965
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 05:09:24 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 053D 2 KB
904 B 38ms
37ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 04:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 04:46:46 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 053D 0
0 81ms
80ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_JyGz09aYtnLH8yP7_UPl-KKwASeiq3OaZSl0PbMD9rPtfr7LBABIMGs748BYLsGoAHW77n2A8gBCagDAcgDywSqBJgCT9DuLmO-a9ncb7J3YYSNNesIbq8SwMOiT2vRkOwU54odgFx0bt8_B8IUisgQQ8pm3U9Mv1RFLQcv0d3Dl7C2wtCP3fkMpWnceqIxLBk_cI6Kz1MVGmk-MOBRqqTWmHbAePOIynShOqm7V-XVA71lhR7HNy2mts2Ve0DSbN_2Bo6R55JyBw8QMWVeR6Qwed48mxi-AZhaczK_cTfbrb2Gk7mLhVPPDBYj8Ccp7N96lojF7hmGWb4LsxL3gX0H041ugteesawR3Qy1mWZfkmMM6o1joAfW723gDtz3zMC9UMxYo39adM3ixyfkd0CWi_uqptOyp09zwdsu2bJXjHrWoUXwsr3wRqoWNeQ9J2mLmqoqRO9zqPlhGcAE2Zmigu4DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5KQxgmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ6u0Y0ggJCIDhgBAQARgfgAoByAsB2BMO0BUBmBYBgBcBshccChoIABIUcHViLTI5MDQ0MTIzNTk4NzcyOTMYAA&sigh=Y3NJ5s-tuaU&uach_m=[UACH]&template_id=494

Requested by

Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 16 Apr 2022 05:10:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 053D 19 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 04:59:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 04:59:08 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 053D 3 KB
1 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 05:06:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 053D 119 KB
36 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Apr 2022 05:10:40 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 053D 15 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 05:07:16 GMT

GET
H3 200 fb084ba56019ecef1e967c41e75d05fd.js Show response
www.gstatic.com/mysidia/ Frame 053D 29 KB
12 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fb084ba56019ecef1e967c41e75d05fd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 08:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 03:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 08:37:13 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 590D 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoLCAEqB2Jhbm5lcjMKCggCKgZzZXJ2ZXIKKwgEKidpbmZyYV9jb250cm9sXzVwLG15c2lkaWFfYW5hbHl0aWNzX2V4cDMKDRArIQAAAAAAwFNAMAQKDRADIQAAAMzM9IdAMAQKDRAKIQAAAAA0MwdAMAQKDRANIQAAAACAmbk_MAQKDRAeKgc2OTZ4MTc0MAQKDRAZKgc2OTZ4MTc0MAQKDRAOIQAAAAAAAAAAMAQKDRAEIQAAAMzMFIhAMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAAFxAMAQKDRAFIQAAAGZmFohAMAQKDRAQIQAAAACA6eBAMAQKDRARIQAAAADAbdFAMAQKDRASIQAAAAAAABxAMAQKDRATIQAAAAAAAAhAMAQKDRAXIQAAADQzv4pAMAQKDRAUIQAAAADAgdJAMAQKDRAVIQAAAAAAADBAMAQKDRAWIQAAAAAAACRAMAQKDRAYIQAAAMzMHI5AMAQKDRAyIQAAAAAwM-M_MAQKDRAzIQAAAAAwM-M_MAQKDRA0IQAAAAAwM-M_MAQKDRA1IQAAAAAwM-M_MAQKDRA2IQAAAAAwM-M_MAQKDRA3IQAAAAAwM-M_MAQKDRA4IQAAAACYmfk_MAQKDRA5IQAAAMzMrIFAMAQKDRA6IQAAAAAA4IFAMAQKDRA7IQAAADQzu4pAMAQKDRA8IQAAADQzu4pAMAQKDRA9IQAAAAAAwIpAMAQKDRA-IQAAAAAA0I1AMAQKDRA_IQAAAAAA0I1AMAQKDRBAIQAAADQzK45AMAQSGkNOU0V4ZUxvbF9jQ0ZST3ZjUW9ka0dzQWtRIhJncGEvbWF4aW1hbF92MV9vY2goDA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/c9c91212f902e26e0abfd6c177be8d65.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 05:10:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 053D 22 KB
22 KB 38ms
37ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRzSntr_zbnuBhZoyE8z8rzduHOOWFEygD418MmrwWvELq0BlO2ervZ62KPe5E&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fab541eb9da5a742c3f6c5c6840f2bea0a7b3c5a1df7e34dfe65e809ddd72ced

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:11:20 GMT
x-content-type-options: nosniff
age: 471560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22562
x-xss-protection: 0
last-modified: Sat, 14 Aug 2021 02:00:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 10 Apr 2023 18:11:20 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 053D 24 KB
24 KB 142ms
37ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSrWOSYC1XNECaEMShHe_74tflVRfmAKPvDH62GKdXM7u3ccBdB-W9DObwG0HE&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f531fc4b1981754b623942a77f8766cf715d205e0404c50b8ee0b15334fe34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:52:47 GMT
x-content-type-options: nosniff
age: 469073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24327
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 02:38:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 10 Apr 2023 18:52:47 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame 053D 23 KB
23 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRkZuON55b-aw0UQhLsizKLGxmVWDZccI60f8K0cFK1WPxRqmYyhsiYuhSEUA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

385f58815d186015cf42e0dcc2d91dbb2c2ea6c2ece3ecc009004e9128273d19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 04:58:37 GMT
x-content-type-options: nosniff
age: 259923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24026
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 01:05:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 13 Apr 2023 04:58:37 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 053D 21 KB
21 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSFGxH356GdAV6qylH0dDEguUCN5sA_l40ZRMA53wgDfyK1lGa2MXloBuK_E-o&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1004790da4f4ff9554828677090ce64fc85fe6cc818d755551df60b85af18588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 08:05:23 GMT
x-content-type-options: nosniff
age: 507917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21478
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 01:33:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 10 Apr 2023 08:05:23 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 053D 21 KB
21 KB 177ms
72ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSEUdcnd58TWWHg3XUDhbD_OML3ZZmIsC3OjAmLcdMIKol0pUTDeI1b4g8XORM&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8ce07bd50b75c148130753df4b25b9078988f056023bae727beac69a50b17c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 05:59:32 GMT
x-content-type-options: nosniff
age: 429068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21070
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 01:25:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 11 Apr 2023 05:59:32 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 053D 12 KB
12 KB 51ms
51ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTScP7EkZxx8mQn_QZ7djQb_xORZNB6gbb2LJnDcQcHafIK0KCIoDF_wy9bog&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3763d2a2290cd57c24f6b28dafa96c31b9dc5b86a9a0271eff66caf6fc50f991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:58:46 GMT
x-content-type-options: nosniff
age: 126714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12667
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 06:04:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 14 Apr 2023 17:58:46 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 053D 23 KB
23 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTKe_RjcbBqrwRWkS0ZOgJojUUO64ZWxW9DucDlsL3cSWWzAq4f&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67d9045a84b2424899a0bee08dd8a0675308270d4c7420071eddf553deb05583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:00:01 GMT
x-content-type-options: nosniff
age: 472239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23283
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 01:46:27 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 10 Apr 2023 18:00:01 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 053D 18 KB
18 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQMzno35dCud-qq3pVafGSKbvZQfsyHysbMQS5408HvWxeABig&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

300cd678581c1f04ad918b185f5e75f1b67944339b7e52b008dc8aea9f9f1dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 02:40:02 GMT
x-content-type-options: nosniff
age: 95438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18500
x-xss-protection: 0
last-modified: Wed, 17 Apr 2019 09:55:38 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 15 Apr 2023 02:40:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6608 2 KB
435 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3d628f4e66cecd08fd6e79132a41585dfd209b14bd6e0695af0842025ee2768

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Apr 2022 03:37:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Apr 2022 05:10:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Apr 2022 05:10:40 GMT

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A32 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=733857818&adf=1626895161&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839237&bpp=1&bdt=623&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x174&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1938&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hBYKUl2Un8&p=https%3A//channel969.com&dtd=289

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 22:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 22:46:52 GMT

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 8ACD 35 KB
13 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=174&slotname=9180252804&adk=3155655992&adf=1297805642&pi=t.ma~as.9180252804&w=696&fwrn=4&lmt=1650078408&rafmt=11&psa=0&format=696x174&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085839234&bpp=3&bdt=621&idt=251&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1052&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=A8kyYZXHoa&p=https%3A//channel969.com&dtd=258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 22:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 22:46:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C6F3 8 KB
892 B 47ms
45ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Apr 2022 03:15:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Apr 2022 05:10:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Apr 2022 05:10:40 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame C6F3 2 KB
904 B 37ms
37ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 04:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 04:46:46 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame C6F3 19 KB
8 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 04:59:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 04:59:08 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame C6F3 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 05:06:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6F3 119 KB
36 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Apr 2022 05:10:40 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame C6F3 15 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 05:07:16 GMT

GET
H3 200 fb084ba56019ecef1e967c41e75d05fd.js Show response
www.gstatic.com/mysidia/ Frame C6F3 29 KB
12 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fb084ba56019ecef1e967c41e75d05fd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 08:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 03:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 08:37:13 GMT

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v26/ Frame 6608 31 KB
31 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v26/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 15:20:52 GMT
x-content-type-options: nosniff
age: 222588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31248
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:37:29 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 15:20:52 GMT

GET
DATA 200
OK truncated
/ Frame 053D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8636bba0e4e2ad654303ca046973c174b1ae13ccb96b3d329ee67085b401a5f2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 12918253772761371682
tpc.googlesyndication.com/simgad/ Frame 3823 39 KB
39 KB 41ms
40ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12918253772761371682?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qn_SVjdhXqT2Mt2XywOsoTVw_pY4A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=250&adk=808100125&adf=2120853193&pi=t.aa~a.1657493707~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1650078408&rafmt=1&to=qs&pwprc=1883578286&psa=0&format=324x250&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085840214&bpp=1&bdt=1601&idt=1&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e29d7385b10080a-221d609177cd001c%3AT%3D1650085839%3ART%3D1650085839%3AS%3DALNI_MboVmrAygBzne02uZcdaVqwaNGNug&prev_fmts=0x0%2C696x174%2C696x174%2C696x174%2C696x174&nras=2&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=i9Yq7YnklS&p=https%3A//channel969.com&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aa21c1138fd4119495cd1575e50ac534dd56fe5288918e3893d20d6b401f38d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 23:24:05 GMT
x-content-type-options: nosniff
age: 279995
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39472
x-xss-protection: 0
last-modified: Fri, 07 May 2021 12:11:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Apr 2023 23:24:05 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 3823 19 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 04:59:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 04:59:08 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 3823 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 05:06:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3823 119 KB
36 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Apr 2022 05:10:40 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 3823 15 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 05:07:16 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 3823 29 KB
12 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02af7e03520b6699b7eff36516fcd9fc000f00f6388f8ddeac599d00a76e6d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 16:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11979
x-xss-protection: 0
server: cafe
etag: 7739490655680154556
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 16:40:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 47FC 0
20 B 71ms
70ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=bdt.625,req.294,bpp.1,fb.756,e2e.1563,fs.295,reqs.297,ress.756,rese.757&srt=461&e=&id=csi_pagead&gqid=z09aYpeYIo6B3wP4uoqgCw&qqid=CL7RxOLol_cCFeOqcQodLNMFvg&rt=lb.309,ol.807

Requested by

Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 05:10:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3823 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVPM10E9aYo-GEd_I1fAPvYKsiA_T2_3Aabn_vdehDtrZHhABIMGs748BYLsGoAGZpZC3AcgBAqkCX_01J_cksj6oAwHIA8kEqgSsAk_Q6oTZ0J19UUlQSZHnDz10A3C3DRjBdnni5xDYU73XC_DAlgzb7mKMvWqV6lZs4l5EvzwJTbWH6N0vZ0dfyKTUtg2-6mTY_mIoSXEDDeLfSmVs-5zCS98swt-qPFAdavERru7HRJyA7bPNbjNvBI4AXXSPFR6QFhIZZfGGiY9i-2YfXhKjBFAcohq_KDx9ZIf0UVFQ0pU5b9kang9kUAhnS-Gg8_i0WkehMiatiI2ALAz0SXNZG6OaLkQWOwrYpzDuV7g48QB2uXbfqv0Xbq7DXlTU-QdPYuGB5l_eI8oUvBEHKSKHjQry0ziaFhesV0ZPvXX4mgyYtzbKsRdPBIpbdkQCixK81i61Xk_7dLQOQoZTbhUNkAL3vS_Ih5HaJNUrD1yDkZdeJN1FDcAE4pbA3MkDkgUECAQYAZIFBAgFGASgBgKAB8_a78gCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQn4wB0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTI5MDQ0MTIzNTk4NzcyOTMYAA&sigh=DX8DY5VRR_o&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=250&adk=808100125&adf=2120853193&pi=t.aa~a.1657493707~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1650078408&rafmt=1&to=qs&pwprc=1883578286&psa=0&format=324x250&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085840214&bpp=1&bdt=1601&idt=1&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e29d7385b10080a-221d609177cd001c%3AT%3D1650085839%3ART%3D1650085839%3AS%3DALNI_MboVmrAygBzne02uZcdaVqwaNGNug&prev_fmts=0x0%2C696x174%2C696x174%2C696x174%2C696x174&nras=2&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=i9Yq7YnklS&p=https%3A//channel969.com&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 16 Apr 2022 05:10:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7CA3 143 B
163 B 38ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 16 Apr 2022 05:08:15 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 6580 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 22:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 22:46:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86A7 143 B
163 B 39ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=250&adk=808100125&adf=2120853193&pi=t.aa~a.1657493707~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1650078408&rafmt=1&to=qs&pwprc=1883578286&psa=0&format=324x250&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085840214&bpp=1&bdt=1601&idt=1&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e29d7385b10080a-221d609177cd001c%3AT%3D1650085839%3ART%3D1650085839%3AS%3DALNI_MboVmrAygBzne02uZcdaVqwaNGNug&prev_fmts=0x0%2C696x174%2C696x174%2C696x174%2C696x174&nras=2&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=i9Yq7YnklS&p=https%3A//channel969.com&dtd=18
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 16 Apr 2022 05:08:15 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1C5C 1 KB
749 B 38ms
38ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 56668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Sat, 16 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7CA3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

87ms
87ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 16 Apr 2022 05:10:41 GMT
expires: Sat, 16 Apr 2022 05:10:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 16 Apr 2022 05:10:41 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame B1FB 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 22:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 22:46:52 GMT

GET
DATA 200
OK truncated
/ Frame 3823 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca61d1a4770972748db1f4e022b698dc3b20d63fbbce05429fddd2291393095e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1C5C 35 B
463 B 123ms
40ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMjqq89E42rVsvO5mbkmqNw&google_cver=1&google_push=AYg5qPLlfuZ3z4yfAK9cxVsvtXiSWc6sF_i1eDTMhceQxK-PlaZ5qZH5HBmuY5R1br4Hv_wjw5t1I0F38FQq3LkGcX4en5lOow

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 05:10:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C5C
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLgSab_...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLgSab_...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MTYwNTEwNDEwMDAxNzMxMTk3NTg1MA%3D%3D&google_push=AYg5qPLgSab_8KwB5oi-QhM89Ney8FVVGgvq4HhojU9So5VGSbEwhWI8w-da0EW9ydp4yC...

170 B
188 B

48ms
47ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MTYwNTEwNDEwMDAxNzMxMTk3NTg1MA%3D%3D&google_push=AYg5qPLgSab_8KwB5oi-QhM89Ney8FVVGgvq4HhojU9So5VGSbEwhWI8w-da0EW9ydp4yCMQOZOLZBfyISfAZLp1G0O04RpHJg

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 05:10:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MTYwNTEwNDEwMDAxNzMxMTk3NTg1MA%3D%3D&google_push=AYg5qPLgSab_8KwB5oi-QhM89Ney8FVVGgvq4HhojU9So5VGSbEwhWI8w-da0EW9ydp4yCMQOZOLZBfyISfAZLp1G0O04RpHJg
pragma: no-cache
date: Sat, 16 Apr 2022 05:10:41 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sat, 16 Apr 2022 05:10:41 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 1C5C 43 B
351 B 115ms
41ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFEHWtBZ0Z0X1AfPMnE0fuk&google_cver=1&google_push=AYg5qPKcLjirbYfIouAseRZj96eKyJlCx49t0M_rmnP05mjEnEPb0T9pJAuY5uNXmEoHeBbrgUVekwLqlxvgMu_dLRogIB5BmSo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2904412359877293&output=html&h=250&adk=808100125&adf=2120853193&pi=t.aa~a.1657493707~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1650078408&rafmt=1&to=qs&pwprc=1883578286&psa=0&format=324x250&url=https%3A%2F%2Fchannel969.com%2Fattackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650085840214&bpp=1&bdt=1601&idt=1&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e29d7385b10080a-221d609177cd001c%3AT%3D1650085839%3ART%3D1650085839%3AS%3DALNI_MboVmrAygBzne02uZcdaVqwaNGNug&prev_fmts=0x0%2C696x174%2C696x174%2C696x174%2C696x174&nras=2&correlator=4990468565634&frm=20&pv=1&ga_vid=1169994059.1650085839&ga_sid=1650085839&ga_hid=456760617&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761043%2C31067099%2C44736076&oid=2&pvsid=2348396979257721&pem=0&tmod=365626161&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=i9Yq7YnklS&p=https%3A//channel969.com&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 05:10:40 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 0g1ikkcadajkmc44rs4o6ipalh9g8f57

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C5C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dU7Yt5HHQQi4EjK1pfYfjw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

49ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dU7Yt5HHQQi4EjK1pfYfjw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIw3n9To2WNCjsYA7puCOjAAXFzQrWBnuR8WgPmgIb2kVLpZAktKOmGB847GehVWQxZlGu8RDA2jZMnsLIAkZg1ZIhNeg

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 05:10:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dU7Yt5HHQQi4EjK1pfYfjw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIw3n9To2WNCjsYA7puCOjAAXFzQrWBnuR8WgPmgIb2kVLpZAktKOmGB847GehVWQxZlGu8RDA2jZMnsLIAkZg1ZIhNeg
date: Sat, 16 Apr 2022 05:10:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C5C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEdiUGjjOabr_XYOAddvQu0&google_cver=1&google_push=AYg5qPIOJwbA_lIMlae4hZiJfVWn9lSTpgaC7VPEAIEntUoKooZY9V-zEAZ1kW7dXT63QQlqHJ3...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDIxRUk3S1YtMjYtQ0c5Nw==&google_push=AYg5qPIOJwbA_lIMlae4hZiJfVWn9lSTpgaC7VPEAIEntUoKooZY9V-zEAZ1kW7dXT63QQlqHJ37NR6uSlvrqHnBO6F29H7tKeg

170 B
188 B

94ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDIxRUk3S1YtMjYtQ0c5Nw==&google_push=AYg5qPIOJwbA_lIMlae4hZiJfVWn9lSTpgaC7VPEAIEntUoKooZY9V-zEAZ1kW7dXT63QQlqHJ37NR6uSlvrqHnBO6F29H7tKeg

Requested by

Host: channel969.com
URL: https://channel969.com/attackers-unleash-lockbit-ransomware-on-us-authorities-computer-systems/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 05:10:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDIxRUk3S1YtMjYtQ0c5Nw==&google_push=AYg5qPIOJwbA_lIMlae4hZiJfVWn9lSTpgaC7VPEAIEntUoKooZY9V-zEAZ1kW7dXT63QQlqHJ37NR6uSlvrqHnBO6F29H7tKeg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 1C5C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FD...

0
0

GET googleredir
googlecm.hit.gemius.pl/ Frame 1C5C 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1C5C 0
232 B 129ms
45ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kimwq70sjTSeI7o7xPUY9SyWafq0Sl2d49992_kprprw5_9h1JEELwK19EkjezU6MvESIJsg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86A7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

89ms
89ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 16 Apr 2022 05:10:41 GMT
expires: Sat, 16 Apr 2022 05:10:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 16 Apr 2022 05:10:41 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 891B 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 22:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 22:46:52 GMT

GET
H2 200 GettyImages-1234089449.jpg
techcrunch.com/wp-content/uploads/2022/04/ 27 KB
27 KB 160ms
86ms Image
image/webp 2a00:1288:110:c104::a000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://techcrunch.com/wp-content/uploads/2022/04/GettyImages-1234089449.jpg?w=600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c104::a000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

ac9c2e38040e5ab91387d7152349ecbc13dfba9776998981a42b7d322094dd81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
x-content-type-options: nosniff
age: 0
x-cache: HIT
vary: Accept
content-length: 27700
x-xss-protection: 1; mode=block
x-rq: lhr3 109 30 443
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Apr 2022 22:30:37 GMT
server: ATS
x-frame-options: SAMEORIGIN
etag: "41ee6ad536b6794f"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 22:30:37 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 100ms
53ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220413&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

109be2446d2149cf620ce59299eb2cf62d3f68419ecf179d8770b2018c399d2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Apr 2022 05:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10511
x-xss-protection: 0

GET
H2 200 dungeons-and-dragons-tashas-wallpaper.jpeg
techcrunch.com/wp-content/uploads/2022/04/ 100 KB
101 KB 90ms
52ms Image
image/webp 2a00:1288:110:c104::a000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://techcrunch.com/wp-content/uploads/2022/04/dungeons-and-dragons-tashas-wallpaper.jpeg?w=640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c104::a000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

d6653de2ac82375694d4c6bb1c989438ed83fb6306fe498cbe94b45e862c6314

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
x-content-type-options: nosniff
age: 0
x-cache: HIT
vary: Accept
content-length: 102792
x-xss-protection: 1; mode=block
x-rq: lhr4 109 30 443
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Apr 2022 22:32:47 GMT
server: ATS
x-frame-options: SAMEORIGIN
etag: "d019b9b82331f250"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 22:32:47 GMT

GET
H2 200 GettyImages-638229650.jpg
venturebeat.com/wp-content/uploads/2022/03/ 213 KB
214 KB 85ms
27ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2022/03/GettyImages-638229650.jpg?w=1200&strip=all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

810fb98eaabfd9c7c9cd17763709280cd227c04e0e4c636af6960e0a1b527172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
x-rq: lhr3 109 139 443
last-modified: Fri, 15 Apr 2022 18:37:18 GMT
server: nginx
etag: "5337ad29377aa710"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 218612
expires: Sat, 15 Apr 2023 18:37:18 GMT

GET
H2 200 chrome-extensions.jpg
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEhpjCuGD4WXaNN6nxKO5EalNHXrEO1r2PgkwQYS5Z4fg1J1iNhNuSZu4tqOM6Ohl9vpp6QyHLYCS9rWACrVbbaIJUPQ9rTXrZPXmPG7SMzGybYouS2Gy54kBSr90hQqQD0npkDgUM7qiCLvQEpG8... 40 KB
40 KB 122ms
48ms Image
image/jpeg 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEhpjCuGD4WXaNN6nxKO5EalNHXrEO1r2PgkwQYS5Z4fg1J1iNhNuSZu4tqOM6Ohl9vpp6QyHLYCS9rWACrVbbaIJUPQ9rTXrZPXmPG7SMzGybYouS2Gy54kBSr90hQqQD0npkDgUM7qiCLvQEpG86SHqny5-bN6yTHLRxPBtls52iaOhN5Ui-sM9RZ4/s728-e1000/chrome-extensions.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3aa6747549c2a00dcfb7b9425e0df9c7d000f319da42179619f7800c721c2f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 658
x-forwarded-for: 2a03:2880:31ff:1a::face:b00c
content-disposition: inline;filename="chrome-extensions.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40615
x-xss-protection: 0
expires: Fri, 10 Jan 2025 04:59:43 GMT
server: cloudflare
etag: "v181b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9k6S4R3Ibgrszx3g0c77phPP6aNkn%2FzaSL%2FVf8MU0FE9T0O%2B15h1%2FhHh9BNCYaaF1frHoRyD8cYtXu1hxvqNh%2BuJeaq3EZb%2F4uV0nObElwIgt5Lov0EDJx9x5FMTuR3sQ46CQl%2BSz0fX8jzclXH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges: bytes
cf-ray: 6fca6a7cda4a06ae-LHR
access-control-expose-headers: Content-Length

GET
H2 200 apple-touch-icon@2.png
cdn.sstatic.net/Sites/stackoverflow/Img/ 6 KB
7 KB 89ms
26ms Image
image/png 151.101.65.69
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.sstatic.net/Sites/stackoverflow/Img/apple-touch-icon@2.png?v=73d79a89bded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.69 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9df6b23dabd2501e67818bfafb5f541cd05386c5df70b203425e079047b70afd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
via: 1.1 varnish
last-modified: Mon, 11 Apr 2022 14:53:53 GMT
age: 350519
x-served-by: cache-lhr7381-LHR
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-timer: S1650085841.418220,VS0,VE0
content-length: 6562
x-cache-hits: 3

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Apr 2022 05:10:41 GMT

GET
H2 200 Bug-from-software-update-is-causing-serious-issues-with-the-Galaxy-S20-series-displays.jpg
m-cdn.phonearena.com/images/article/139663-wide-two_1200/ 153 KB
154 KB 126ms
29ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m-cdn.phonearena.com/images/article/139663-wide-two_1200/Bug-from-software-update-is-causing-serious-issues-with-the-Galaxy-S20-series-displays.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: c782a55f2aea0ac02ffcdc8f38bad011ee01d6401d0d85b6ab7edac59a96394e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
server: nginx/1.20.1
x-hw: 1650085841.cds250.lo4.hn,1650085841.cds059.lo4.c
content-type: image/jpeg
access-control-allow-origin: https://review.phonearena.com
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 156879

GET
H2 403 id60374_1.jpg
www.nanowerk.com/nanotechnology-news2/ 0
0 92ms
33ms Image
text/html 2606:4700:3108::ac42:288a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nanowerk.com/nanotechnology-news2/id60374_1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:288a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 noirlab2205a.jpg
www.cnet.com/a/img/resize/a8f356a5ae8efac3850c513e5fcc6a23d4977a4e/2022/04/12/a010ce59-71e3-419d-b246-bd0ab1c81abb/ 55 KB
55 KB 116ms
26ms Image
image/webp 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cnet.com/a/img/resize/a8f356a5ae8efac3850c513e5fcc6a23d4977a4e/2022/04/12/a010ce59-71e3-419d-b246-bd0ab1c81abb/noirlab2205a.jpg?auto=webp&fit=crop&height=630&width=1200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0af87c8d4c9f81a738d345f4dee37a4370191976a4cc304ecb718bff48308a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
vary: Accept-Encoding, Accept
etag: "Vg2o7S3u9dnva0oKzD26zgxHw/AzOwlv8M/Sl/MnOqY"
strict-transport-security: max-age=63072000; includeSubDomains; preload
fastly-io-info: ifsz=1663155 idim=5120x2880 ifmt=jpeg ofsz=55898 odim=1200x630 ofmt=webp
cache-control: max-age=31560000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/webp
content-length: 55898
expires: Tue, 12 Apr 2022 14:22:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5DC6 13 KB
5 KB 38ms
38ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://channel969.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 36047
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 19:09:54 GMT
expires: Sat, 15 Apr 2023 19:09:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E9DC 783 B
534 B 97ms
46ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c38694bbd52b15dabbc5c7df95604cc67139920bfb64a86c1056a59e4508136b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-egC3ga6b+wlcJYhRojKo5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://channel969.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-egC3ga6b+wlcJYhRojKo5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 16 Apr 2022 05:10:41 GMT
expires: Sat, 16 Apr 2022 05:10:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 403 jio-airtel-vi-these-short-term-prepaid.jpg
telecomtalk.info/wp-content/uploads/2022/04/ 0
0 112ms
36ms Image
text/html 2606:4700:20::681a:d89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telecomtalk.info/wp-content/uploads/2022/04/jio-airtel-vi-these-short-term-prepaid.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:d89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 apple-touch-icon@2.png
cdn.sstatic.net/Sites/stackoverflow/Img/ 6 KB
6 KB 26ms
25ms Image
image/png 151.101.65.69
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.sstatic.net/Sites/stackoverflow/Img/apple-touch-icon@2.png?v=73d79a89bded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.69 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9df6b23dabd2501e67818bfafb5f541cd05386c5df70b203425e079047b70afd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
via: 1.1 varnish
last-modified: Mon, 11 Apr 2022 14:53:53 GMT
age: 350519
x-served-by: cache-lhr7381-LHR
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-timer: S1650085841.467532,VS0,VE0
content-length: 6562
x-cache-hits: 4

GET
H2 200 iMac-vs-Mac-Studio-3.jpg
www.macworld.com/wp-content/uploads/2022/04/ 10 KB
10 KB 186ms
25ms Image
image/webp 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.macworld.com/wp-content/uploads/2022/04/iMac-vs-Mac-Studio-3.jpg?quality=50&strip=all&w=1024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

794af52b44523175b3e165d67717c4fff83c54acc9e7a6979613871ff3898620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
x-rq: lhr4 109 142 443
last-modified: Fri, 15 Apr 2022 13:02:19 GMT
server: nginx
etag: "cb82434d53fa1037"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9998
expires: Sat, 15 Apr 2023 13:02:19 GMT

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 5DC6 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 22:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 22:46:52 GMT

GET
H2 200 dungeons-and-dragons-tashas-wallpaper.jpeg
techcrunch.com/wp-content/uploads/2022/04/ 100 KB
100 KB 48ms
48ms Image
image/webp 2a00:1288:110:c104::a000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://techcrunch.com/wp-content/uploads/2022/04/dungeons-and-dragons-tashas-wallpaper.jpeg?w=640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c104::a000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

d6653de2ac82375694d4c6bb1c989438ed83fb6306fe498cbe94b45e862c6314

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
x-content-type-options: nosniff
age: 0
x-cache: HIT
vary: Accept
content-length: 102792
x-xss-protection: 1; mode=block
x-rq: lhr4 109 30 443
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Apr 2022 22:32:47 GMT
server: ATS
x-frame-options: SAMEORIGIN
etag: "d019b9b82331f250"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 22:32:47 GMT

GET
H2 200 GettyImages-638229650.jpg
venturebeat.com/wp-content/uploads/2022/03/ 213 KB
214 KB 28ms
28ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venturebeat.com/wp-content/uploads/2022/03/GettyImages-638229650.jpg?w=1200&strip=all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

810fb98eaabfd9c7c9cd17763709280cd227c04e0e4c636af6960e0a1b527172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
x-rq: lhr3 109 139 443
last-modified: Fri, 15 Apr 2022 18:37:18 GMT
server: nginx
etag: "5337ad29377aa710"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 218612
expires: Sat, 15 Apr 2023 18:37:18 GMT

GET
H3 200 chrome-extensions.jpg
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEhpjCuGD4WXaNN6nxKO5EalNHXrEO1r2PgkwQYS5Z4fg1J1iNhNuSZu4tqOM6Ohl9vpp6QyHLYCS9rWACrVbbaIJUPQ9rTXrZPXmPG7SMzGybYouS2Gy54kBSr90hQqQD0npkDgUM7qiCLvQEpG8... 39 KB
39 KB 75ms
43ms Image
image/jpeg 2606:4700:20::ac43:4615
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff7fe9c31a5555d6b48c0fdbca4c93b4eda355938300fd6d7060764d3d8fc07c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1841
cf-polished: origSize=40615, status=webp_bigger
x-forwarded-for: 197.211.58.17
content-disposition: inline;filename="chrome-extensions.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39609
x-xss-protection: 0
expires: Fri, 10 Jan 2025 04:40:00 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "v181b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xq%2F3LvsVv6SN4n3z0FrGglADT4mKQIjwQi56QlMX6XXX4XjFN0fWP8%2FUTbpCvE0oeZaAWxVK0gL%2FgjLJK71eZVnVpHll9Q0Y%2Bzn7ZcccYYMUhr4h7bFnBtDcpNdLwdyMcpedmfVa33qcUboo1skP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges: bytes
cf-ray: 6fca6a7def0b7744-LHR
access-control-expose-headers: Content-Length

GET
H2 200 GettyImages-1234089449.jpg
techcrunch.com/wp-content/uploads/2022/04/ 27 KB
27 KB 48ms
47ms Image
image/webp 2a00:1288:110:c104::a000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://techcrunch.com/wp-content/uploads/2022/04/GettyImages-1234089449.jpg?w=600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c104::a000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

ac9c2e38040e5ab91387d7152349ecbc13dfba9776998981a42b7d322094dd81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
x-content-type-options: nosniff
age: 0
x-cache: HIT
vary: Accept
content-length: 27700
x-xss-protection: 1; mode=block
x-rq: lhr4 109 30 443
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 15 Apr 2022 22:30:40 GMT
server: ATS
x-frame-options: SAMEORIGIN
etag: "a966ef9df000cafa"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 22:30:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E9DC 0
0 74ms
73ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220413&jk=2348396979257721&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DBBA 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0Q2BwQex3MU7PRfzm6e63FpOE_I8bIWXhEDN-HKJK7W4Jxp-dYQczmio5KDMuNnplTephfScY8_qHKPH9U52QT-OFC_R2XmtB2FzPPor29kGriQA-aw&sai=AMfl-YQzhtRO6WgZHPr7zRRCFdriSEfIC4our2f4peiq0X_Jn4dFL0hLaYoX6JRevU1uPzbX-MMUe6V-V2gH&sig=Cg0ArKJSzAkkLu6WBqq9EAE&id=lidar2&mcvt=1006&p=0,0,174,696&mtos=0,1006,1006,1006,1006&tos=0,1006,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=0.85&if=1&vu=1&app=0&itpl=22&adk=3155655992&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650085839492&rpt=1064&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 05:10:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5DC6 0
9 B 37ms
37ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bCZq0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 noirlab2205a.jpg
www.cnet.com/a/img/resize/a8f356a5ae8efac3850c513e5fcc6a23d4977a4e/2022/04/12/a010ce59-71e3-419d-b246-bd0ab1c81abb/ 55 KB
55 KB 27ms
27ms Image
image/webp 2a04:4e42:4c::666
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cnet.com/a/img/resize/a8f356a5ae8efac3850c513e5fcc6a23d4977a4e/2022/04/12/a010ce59-71e3-419d-b246-bd0ab1c81abb/noirlab2205a.jpg?auto=webp&fit=crop&height=630&width=1200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0af87c8d4c9f81a738d345f4dee37a4370191976a4cc304ecb718bff48308a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
vary: Accept-Encoding, Accept
etag: "Vg2o7S3u9dnva0oKzD26zgxHw/AzOwlv8M/Sl/MnOqY"
strict-transport-security: max-age=63072000; includeSubDomains; preload
fastly-io-info: ifsz=1663155 idim=5120x2880 ifmt=jpeg ofsz=55898 odim=1200x630 ofmt=webp
cache-control: max-age=31560000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/webp
content-length: 55898
expires: Tue, 12 Apr 2022 14:22:55 GMT

GET
H2 200 Bug-from-software-update-is-causing-serious-issues-with-the-Galaxy-S20-series-displays.jpg
m-cdn.phonearena.com/images/article/139663-wide-two_1200/ 153 KB
153 KB 29ms
29ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m-cdn.phonearena.com/images/article/139663-wide-two_1200/Bug-from-software-update-is-causing-serious-issues-with-the-Galaxy-S20-series-displays.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: c782a55f2aea0ac02ffcdc8f38bad011ee01d6401d0d85b6ab7edac59a96394e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
server: nginx/1.20.1
x-hw: 1650085841.cds250.lo4.hn,1650085841.cds059.lo4.c
content-type: image/jpeg
access-control-allow-origin: https://review.phonearena.com
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 156879

GET
H2 200 iMac-vs-Mac-Studio-3.jpg
www.macworld.com/wp-content/uploads/2022/04/ 10 KB
10 KB 26ms
25ms Image
image/webp 2a04:fa87:fffd::c000:42d0
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.macworld.com/wp-content/uploads/2022/04/iMac-vs-Mac-Studio-3.jpg?quality=50&strip=all&w=1024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffd::c000:42d0 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

794af52b44523175b3e165d67717c4fff83c54acc9e7a6979613871ff3898620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 05:10:41 GMT
x-rq: lhr4 109 142 443
last-modified: Fri, 15 Apr 2022 13:02:19 GMT
server: nginx
etag: "cb82434d53fa1037"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9998
expires: Sat, 15 Apr 2023 13:02:19 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 053D 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQ4dY96FzCOyQOF2i5OpgZ0Q7mzWRYaPHjExectnY7-ItspvokTeJVYhOEz8UqhFWwqTtp6DUsExSqNGgo2BBuY3EmwWwgWb-SIXYIQmwtbekxuMrf9g&sai=AMfl-YT9n4_0VYKf61VbLHnGxrkpuQJBuhHDlocI2DnMzAkVQH9LbwTIu6_s9Poe7cZyxuo7DIiitkVqj3C7&sig=Cg0ArKJSzKcmwAl2jsQ7EAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=128,792,1000,1000,1000&tos=128,664,208,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650085840377&rpt=414&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Apr 2022 05:10:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
77ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220413&jk=2348396979257721&bg=!-vml-b3NAAZvJBiFTyQ7ACkAdvg8Wshos9FeXF8A5EveAT0HYrdSqt7qKfEHjpkslxK-3A2FJw5zSAIAAABiUgAAAANoAQcKADiY974xw0bHuUil8OeOSrhd54iEQ-Ut0NeLesvImUVgY5sxbujr1YC5-f1OwjLbWc1ZeoWaIYJrSJkCpo9byhpVlIIJb7NpOoQ1EwVjNHgbTxou2yzSxIbWHpWJGXYjp7k-CN_ZNHYAqL3tB27JkctlV3dWCuRkqEmruW7O4EHmPYihUpyguNSxV5d9AyG46Tr8B2ZH_a_ZSgBWXf4EZ_aJ56FpYjUa2-31JE7-N2fIBsv0tyoRPRIeds4QVA4mjiV8ZjJ9NiPL0wUy1FpQCpcDdeoF3VSA_903WGEYqgsfq_9asOZq_huR1_sowXV8djxlz5v07AHEhnK5mZoxMD9ZXeObfZv_7ij-ML7svpqsYOvx03HYJ_B15LG6APgzvnEnU6muyOcjHIr0iAfBXmASdekB50Iin1Z_rDQvpJJiOX-vh5jUwGZ8W-ETv4Y8A2Grh0xJYNtirpX41epcvGNK7R2NEgzwjX21U9XnlIeuH1qOUZSWC2XYfEKEKMhJcTmD1jC2dMlzYrAD6CD-Bd7JC2KUQ2kOGjIFN14m-PLzjBsuZ4FP7rwBdckjpRcyUeF1xWtpPSs527jObUYv6DQiB5gjr4_nqJS-flo23MxGYbCoHGNiDza1tPUm3_WAgQOi9d_ZxDLc5k3ehY_T_FZHI58_T1XUMbY7eu0QjMaT_MnadBpl7eALJWN6enSICIJ6StJDBM2IM0yARdgVNlmVcKWsEoD355b2tmIMM2c-CnRW4PcOYE_38hr1RQFPNp-V93AIrFBYEXMG1kdsF_c7p_RTBFytoZuchQTMOCuT8UhFrIcpUOVr9wDsPiJwkyer_CMnlZY5qbvVj-vnM_3dCXVe0zKUQk1dPKlN1rzv3PhHHvXMDER_J8yV_yc86GhsA_khEa7KiS-7Rc6cdpyBwF0F_RyPxs55Iwk5bg9E95lgm-o14tz0YO7FCmvnDHdsAKHB6fIuhKVTGMo1Xuob9A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 403 id60374_1.jpg
www.nanowerk.com/nanotechnology-news2/ 0
0 69ms
35ms Image
text/html 2606:4700:3108::ac42:288a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nanowerk.com/nanotechnology-news2/id60374_1.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:288a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 403 jio-airtel-vi-these-short-term-prepaid.jpg
telecomtalk.info/wp-content/uploads/2022/04/ 0
0 72ms
40ms Image
text/html 2606:4700:20::681a:d89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://telecomtalk.info/wp-content/uploads/2022/04/jio-airtel-vi-these-short-term-prepaid.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:d89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://channel969.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEESk6SdNK_HC8amzmquU448&google_cver=1&google_push=AYg5qPI1Sx-1mnAzpDowEezx1WSl3p0QQZ9wtZZ6FzYHYVVU1e4wmmQshc2IpCHlvdOPAwnQ2GXCn2Td6s0iGXsEbYx-V-_qIann

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.channel969.com/	1970-01-20 19:52:37	Name: _ga_NZMZWEW521 Value: GS1.1.1650085839.1.0.1650085839.0
.channel969.com/	1970-01-20 19:52:37	Name: _ga Value: GA1.2.1169994059.1650085839
.channel969.com/	1970-01-20 02:22:52	Name: _gid Value: GA1.2.1044677511.1650085840
.channel969.com/	1970-01-20 02:21:25	Name: _gat_gtag_UA_220711408_1 Value: 1
.channel969.com/	1970-01-20 11:43:01	Name: __gads Value: ID=4e29d7385b10080a-221d609177cd001c:T=1650085839:RT=1650085839:S=ALNI_MboVmrAygBzne02uZcdaVqwaNGNug
.doubleclick.net/	1970-01-20 11:43:01	Name: IDE Value: AHWqTUmw7THh3EjBVvUDqxZmjogDcdJRgiPLiz748gxXHo-wAG9H4RIxK0nUHNHxkBo
.quantserve.com/	1970-01-20 04:31:01	Name: d Value: EEgBCQH1JYEA
.quantserve.com/	1970-01-20 11:51:40	Name: mc Value: 625a4fd1-101a3-45426-4dd55
.doubleclick.net/	1970-01-20 02:21:29	Name: DSID Value: NO_DATA
.e.dlx.addthis.com/	1970-01-20 11:51:40	Name: na_tc Value: Y
.casalemedia.com/	1970-01-20 11:07:01	Name: CMID Value: YlpP0XMvvfjb26CjwfBAUgAA
.casalemedia.com/	1970-01-20 04:31:01	Name: CMPS Value: 1821
.addthis.com/	1970-01-20 11:51:40	Name: na_id Value: 2022041605104100017311975850
.addthis.com/	1970-01-20 11:51:40	Name: na_tc Value: Y
.addthis.com/	1970-01-20 11:51:40	Name: uid Value: 625a4fd11555d072
.addthis.com/	1970-01-20 11:51:40	Name: ouid Value: 625a4fd1000146e12b2c567e1d7946c546b96bd38412eb82f105
.dlx.addthis.com/	1970-01-20 03:04:37	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 03:04:37	Name: na_sr Value: 20220416
.dlx.addthis.com/	1970-01-20 02:21:25	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 03:04:37	Name: na_sc_e Value: 0
.casalemedia.com/	1970-01-20 04:31:01	Name: CMPRO Value: 1875
.casalemedia.com/	1970-01-20 02:22:52	Name: CMST Value: YlpP0WJaT9EA
.pubmatic.com/	1970-01-20 02:22:52	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 04:31:01	Name: KADUSERCOOKIE Value: 754ED8B7-91C7-4108-B812-32B5A5F61F8F

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEESk6SdNK_HC8amzmquU448&google_cver=1&google_push=AYg5qPI1Sx-1mnAzpDowEezx1WSl3p0QQZ9wtZZ6FzYHYVVU1e4wmmQshc2IpCHlvdOPAwnQ2GXCn2Td6s0iGXsEbYx-V-_qIann Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://www.nanowerk.com/nanotechnology-news2/id60374_1.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://telecomtalk.info/wp-content/uploads/2022/04/jio-airtel-vi-these-short-term-prepaid.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlpP0XMvvfjb26CjwfBAUgAAB1MAAAAB&google_gid=CAESEPvHvG-IZGrBq1SYlxqAaPw&google_push=AYg5qPLrKzv7Q27mWWd8xUSt91qdAIbKpTGBw9qtJTWOVUh13FDs2L6gIk_vFNLeEJA0mvqpebKlcvxOhu7n84hIQKk0Ym-L_A&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://www.nanowerk.com/nanotechnology-news2/id60374_1.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://telecomtalk.info/wp-content/uploads/2022/04/jio-airtel-vi-these-short-term-prepaid.jpg Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
cat.nl.eu.criteo.com
cdn.sstatic.net
cdnjs.cloudflare.com
channel969.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
d1rytvr7gmk1sx.cloudfront.net
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
m-cdn.phonearena.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
rtb.fr.eu.criteo.com
rtb.openx.net
secure.gravatar.com
static.criteo.net
techcrunch.com
telecomtalk.info
thehackernews.com
tpc.googlesyndication.com
venturebeat.com
www.cnet.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.macworld.com
www.nanowerk.com
cm.g.doubleclick.net
googlecm.hit.gemius.pl
104.89.42.102
142.250.184.226
151.101.65.69
151.139.128.11
178.250.2.135
178.250.2.148
178.250.2.150
185.64.190.78
192.0.66.2
216.58.212.130
2600:9000:223e:b000:1b:5a63:840:93a1
2606:4700:20::681a:d89
2606:4700:20::ac43:4615
2606:4700:3108::ac42:288a
2606:4700::6811:190e
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c104::a000
2a00:1450:4001:802::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
2a04:4e42:4c::666
2a04:fa87:fffd::c000:42d0
2a04:fa87:fffe::c000:4902
35.186.253.211
69.173.144.138
95.217.85.252
022c78f9ca1d985708b824f842a2434ab3696b867b3e683d1243cce364504150
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02af7e03520b6699b7eff36516fcd9fc000f00f6388f8ddeac599d00a76e6d0f
08c19272c2f4f2e9182304fa928374ca3ae0bc94b9a34e8c2dff93d6bc8882f8
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0af87c8d4c9f81a738d345f4dee37a4370191976a4cc304ecb718bff48308a95
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1004790da4f4ff9554828677090ce64fc85fe6cc818d755551df60b85af18588
109be2446d2149cf620ce59299eb2cf62d3f68419ecf179d8770b2018c399d2c
1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb
153664ae0197a41a7af5496b6c8f89ced381c23a57396fdcde773670a4a7c01b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
2a88596d8c0a225f0cdf6b710209c1089865da2d0785d38f21dbc0e3068945ca
2bffa5bfe818ea6b967ab9776909ded4242c0f20500875fa52ad4714b5576c08
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
300cd678581c1f04ad918b185f5e75f1b67944339b7e52b008dc8aea9f9f1dfb
320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
3763d2a2290cd57c24f6b28dafa96c31b9dc5b86a9a0271eff66caf6fc50f991
385f58815d186015cf42e0dcc2d91dbb2c2ea6c2ece3ecc009004e9128273d19
3c31f194616ed5157c41e5e3ae46976fbf82a885584917b82fcfbeee0f10bf7b
3d5fbdecffbcf4b09fc5b12895527b855bd9f569968b18ea1e38cd360d6ea8c4
4096a1cffad010f0e099e84eff3a77773f30f4a00374a08655f1698fdd81fb6b
409c9202cc5910df851feeae2e58ae241aad2bbe585fc191d1afc82c27375213
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4aa21c1138fd4119495cd1575e50ac534dd56fe5288918e3893d20d6b401f38d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
5056b603e811f074a7efffd035bc35932342415b568e7a291723bc164d0e4422
53fe2341c73b440e0670100f6133d527afb0832804b9538bba17b6d1ba6d3fcd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58c486410327935edee0c88f48524bed22efb851f1297de45141491d6a2c025b
58d260c57004679defa1dbbf59b59df7bc1df71b6b664767b9bc0f4e76de9f3b
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ee85d2f8f6de1d7920014c32c148fe71a9ed8560887a14e56ae1ccd19d82794
5f924cee123be2a82752d521d71996233fe101f1d4d253230771b813baf842ac
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6534b0c6765263da1df9c4a4935e353e6e58943768766f9ea2742258f1034613
67d9045a84b2424899a0bee08dd8a0675308270d4c7420071eddf553deb05583
67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9630fb775d7c0da347a1f70198e3235c9590548e64bc5c6d40da5f409da44f
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
724406b473b200db421d9655d46e49f44278d5db9e06ea605dfdc24e332c6b3b
794af52b44523175b3e165d67717c4fff83c54acc9e7a6979613871ff3898620
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
810fb98eaabfd9c7c9cd17763709280cd227c04e0e4c636af6960e0a1b527172
823f6032305201cec1d828ded97fe08b9392ea3113ee6bd38edeb171891ad4fb
8636bba0e4e2ad654303ca046973c174b1ae13ccb96b3d329ee67085b401a5f2
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b5abf902c157c372285a8277bd336ce30ac5efe1422a610d3b89e8024174e15
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
96a3f4a4a2f073caf3d2f9e2cbf9f858143bcc3971d49eed7197bf5972ec1726
9983b09edd20a784c1cbbc45cf491a1aa36a8c135ba6ee4130233411a039b982
9a898df5489607e11d507a3bcf363a8472700233226e05e3b7a70621fd8faa2f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bf89139bf0f3c70d3c2ba25d9afe3b6e0a64dee3babec05165bde32e02167f0
9c7da29e6a44aa8b6a257043f432cb03532aebcd32763d8eccf4f47e17cdc74d
9df6b23dabd2501e67818bfafb5f541cd05386c5df70b203425e079047b70afd
9e280db81cac1cfdc17d6bec865c081f1b52fc9626985316e87f20901651e6bf
9e62a82e9d7351e0bda141d3911010e70f2b4bcb5c201570287b808a74e39617
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2ae5e5fd0b18a88d4cf7b2b777a6c355da8a5b9ce1e697b9fc0c853215641ad
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
a8ce07bd50b75c148130753df4b25b9078988f056023bae727beac69a50b17c8
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac9c2e38040e5ab91387d7152349ecbc13dfba9776998981a42b7d322094dd81
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
af97a127628876cab5f8f369c2523e2b7b321297ad728f01a806e7c78f605dd5
b3d266e1b4d345f2441f37970a693a6aa4ba189ab8ab04ff5195d065eaf10285
b7ae9159752c1e5f90f6753c4534a01190784bd11a0730a79f631f8f8e4bea5b
b8cdd849a5c19b005bb94214253450e9416d335d1dcaa9724f726065e72d8f25
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
ba04c7a8d3c849ed7c90695c91f8e407b0e4f2084e6fd08adc05dd7732c02626
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb6dac605cbae56c4f283a12d9e83caadca8d4a999a781e939d66d3a74716938
bbf18ae550d420504652ee7304deb5b21ae4c2e500bbd0e13489298a6b9a314d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c302f858d0e858df4f858bc29c75f5b370634c9d60c69a1c17ca0b02ee5eacc8
c38694bbd52b15dabbc5c7df95604cc67139920bfb64a86c1056a59e4508136b
c3d628f4e66cecd08fd6e79132a41585dfd209b14bd6e0695af0842025ee2768
c782a55f2aea0ac02ffcdc8f38bad011ee01d6401d0d85b6ab7edac59a96394e
ca61d1a4770972748db1f4e022b698dc3b20d63fbbce05429fddd2291393095e
cb2a0ae2c0d3b18e475484f41088b22175331a4582c0f0240b24e497a24d6198
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cebaa85608d8bfd65f643037b2730000c81ffb577c9b43e3b297e257b01cca92
d6653de2ac82375694d4c6bb1c989438ed83fb6306fe498cbe94b45e862c6314
da29f292d7ca8bfc40fcb6b5b8a34c15ab008e5771ad377b3c7797e923871a36
dd7c7517af7fb44dd96afebc2dd23a21218d095db63cf5d377c5d207be473192
dde0163a6c9a4e79d0b1e0dfebf7faa6b2745fa8b9d0e62c1a3640817eb1f981
dedc7b6f50f2355cde6c50d6d22ea42e43935569f28b8267b41815aef5f98460
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df3e843c191537e4a4d18b9164f95fb236ac5e05f5f7d7617b541b4ddbae101b
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64660b5cab5d05f13db326ad72ba33875d74d642e3b7ed14a5a390863618713
ecaaeea6f052e64589d8acd2e3c5ec361b9ccf162d2953f2174c16a73a1f490c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f047f71c23508e3236563d239e1c99d08415d933f9a784ed0d8841da54feccee
f249ab516e3952bb15ca40c3e63bc39803dcee5dba1ab5886968a395b2b3f8d6
f3aa6747549c2a00dcfb7b9425e0df9c7d000f319da42179619f7800c721c2f6
f531fc4b1981754b623942a77f8766cf715d205e0404c50b8ee0b15334fe34b3
f9105ad89b0652997872724722eb0747fbabefd60ac84c4d47c374bc27529821
fab541eb9da5a742c3f6c5c6840f2bea0a7b3c5a1df7e34dfe65e809ddd72ced
ff7fe9c31a5555d6b48c0fdbca4c93b4eda355938300fd6d7060764d3d8fc07c

channel969.com Open in urlscan Pro 95.217.85.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

207 Requests

98 %HTTPS

67 %IPv6

31 Domains

43 Subdomains

37 IPs

7 Countries

3832 kBTransfer

6974 kBSize

24 Cookies

35 Outgoing links

Page URL History

Redirected requests

207 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

channel969.com Open in urlscan Pro
95.217.85.252 Public Scan

Screenshot
Live screenshot

Full Image

207
Requests

98 %
HTTPS

67 %
IPv6

31
Domains

43
Subdomains

37
IPs

7
Countries

3832 kB
Transfer

6974 kB
Size

24
Cookies

207 HTTP transactions
6 data transactions