URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Submission: On November 13 via api from US

Summary

This website contacted 82 IPs in 9 countries across 53 domains to perform 302 HTTP transactions. The main IP is 35.198.113.83, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is t3n.de.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on September 2nd 2019. Valid for: 2 years.
This is the only time t3n.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
*.t3n.de | GeoTrust TLS RSA CA G1 | 2019-09-02 - 2021-10-31 | 2 years
*.cloudfront.net | DigiCert Global CA G2 | 2020-05-26 - 2021-04-21 | a year
*.ioam.de | Thawte TLS RSA CA G1 | 2019-09-18 - 2021-12-17 | 2 years
*.g.doubleclick.net | GTS CA 1O1 | 2020-10-28 - 2021-01-20 | 3 months
c.amazon-adsystem.com | Amazon | 2020-08-04 - 2021-08-02 | a year
assets.t3n.sc | GeoTrust TLS RSA CA G1 | 2019-03-17 - 2021-04-15 | 2 years
*.met.vgwort.de | Thawte RSA CA 2018 | 2020-03-13 - 2022-04-01 | 2 years
*.storage.googleapis.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
images.t3n.sc | GeoTrust TLS RSA CA G1 | 2018-12-18 - 2021-01-16 | 2 years
*.outbrain.com | DigiCert SHA2 Secure Server CA | 2020-03-09 - 2021-06-08 | a year
*.smartredirect.de | Amazon | 2020-03-20 - 2021-04-20 | a year
*.twimg.com | DigiCert SHA2 High Assurance Server CA | 2019-11-12 - 2020-11-18 | a year
use.typekit.net | DigiCert SHA2 Secure Server CA | 2020-01-28 - 2022-02-01 | 2 years
*.google-analytics.com | GTS CA 1O1 | 2020-10-28 - 2021-01-20 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-11-02 - 2021-01-30 | 3 months
*.getsitecontrol.com | Go Daddy Secure Certificate Authority - G2 | 2020-03-05 - 2022-05-04 | 2 years
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-12 - 2021-08-12 | a year
*.onthe.io | Sectigo RSA Domain Validation Secure Server CA | 2020-04-07 - 2021-06-06 | a year
*.google.com | GTS CA 1O1 | 2020-10-28 - 2021-01-20 | 3 months
b2c.com | Let's Encrypt Authority X3 | 2020-11-10 - 2021-02-08 | 3 months
*.typekit.net | DigiCert SHA2 Secure Server CA | 2019-12-06 - 2021-12-10 | 2 years
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-10-26 - 2021-04-17 | 6 months
*.rubiconproject.com | DigiCert SHA2 Secure Server CA | 2019-01-10 - 2021-01-14 | 2 years
*.dspx.tv | Sectigo RSA Domain Validation Secure Server CA | 2019-02-07 - 2021-02-13 | 2 years
*.adnxs.com | DigiCert ECC Secure Server CA | 2019-01-23 - 2021-03-08 | 2 years
tracking.justpremium.com | Amazon | 2019-12-24 - 2021-01-24 | a year
*.pubmatic.com | Sectigo RSA Organization Validation Secure Server CA | 2019-02-22 - 2021-02-21 | 2 years
*.criteo.com | DigiCert ECC Secure Server CA | 2020-09-04 - 2020-12-03 | 3 months
san.casalemedia.com | GeoTrust RSA CA 2018 | 2020-03-02 - 2021-04-01 | a year
www.google.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
www.google.de | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
*.outbrainimg.com | DigiCert Secure Site ECC CA-1 | 2020-03-26 - 2021-06-25 | a year
*.smartadcheck.de | Amazon | 2020-10-07 - 2021-11-06 | a year
*.google.de | GTS CA 1O1 | 2020-10-28 - 2021-01-20 | 3 months
*.criteo.net | DigiCert ECC Secure Server CA | 2020-09-04 - 2020-12-03 | 3 months
misc-sni.google.com | GTS CA 1O1 | 2020-10-28 - 2021-01-20 | 3 months
upload.video.google.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
tpc.googlesyndication.com | GTS CA 1O1 | 2020-10-28 - 2021-01-20 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-10-28 - 2021-01-20 | 3 months
cat.adscale.de | DigiCert SHA2 Secure Server CA | 2020-10-23 - 2021-11-21 | a year
*.adscale.de | Amazon | 2020-06-05 - 2021-07-07 | a year
cdn.adnxs.com | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-10-29 - 2021-04-14 | 5 months
*.yieldlab.net | DigiCert SHA2 Secure Server CA | 2020-02-04 - 2021-05-05 | a year
*.userreport.com | RapidSSL RSA CA 2018 | 2019-01-10 - 2021-03-10 | 2 years
*.vidazoo.com | Sectigo RSA Domain Validation Secure Server CA | 2019-03-20 - 2021-04-03 | 2 years
*.openx.net | GeoTrust RSA CA 2018 | 2020-06-18 - 2021-08-17 | a year
*.v.ssp.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2020-07-29 - 2021-01-25 | 6 months
*.aniview.com | DigiCert SHA2 Secure Server CA | 2020-01-22 - 2021-04-22 | a year
*.spotxchange.com | GeoTrust RSA CA 2018 | 2019-03-18 - 2021-03-17 | 2 years
ups.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2020-10-24 - 2021-04-20 | 6 months
*.ybp.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2020-06-02 - 2020-11-29 | 6 months
pixel.advertising.com | DigiCert SHA2 High Assurance Server CA | 2020-10-04 - 2021-03-31 | 6 months
teads.tv | Let's Encrypt Authority X3 | 2020-09-01 - 2020-11-30 | 3 months
s8t.teads.tv | DigiCert SHA2 Secure Server CA | 2019-10-17 - 2021-01-15 | a year
sb.scorecardresearch.com | DigiCert Secure Site ECC CA-1 | 2020-07-17 - 2021-06-02 | a year

This page contains 29 frames:

Primary Page: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Frame ID: 88B2D538C76067A5D5E138A70A4F724C
Requests: 164 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

302 Requests
99 % HTTPS
36 % IPv6
53 Domains
95 Subdomains
82 IPs
9 Countries
3689 kB Transfer
9466 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://ssl-vg03.met.vgwort.de/na/6cb950aa1bba479b911f298b7bb10451 HTTP 302
  • https://ssl-vg03.met.vgwort.de/blank.gif
Request Chain 36
  • https://eu.b2c.com/api/init-3x3fv4bnumjuywirt.js HTTP 307
  • https://api-18-185-124-12.b2c.com/api/embed-pI4kzSzOkLdFFUqq.js
Request Chain 59
  • https://de.ioam.de/tx.io?st=t3n&cp=t3nNews&sv=ke&fb=0&sc=yes&ct=00000000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=t3n.de&xy=1600x1200x24&lo=CH%2FZurich&cb=0019&i2=00195e43e387266835fae84be&ep=1631508945&vr=418&id=b3ypd5&i3=00195e43e387266835fae84be%3A1632834366947%3A1605272766947%3A.t3n.de%3A1%3At3n%3At3nNews%3Anoevent%3A1605272766947&n1=7&dntt=0&lt=1605272766948&ev=&cs=llf1yw&mo=1 HTTP 302
  • https://de.ioam.de/tx.io?st=t3n&cp=t3nNews&sv=ke&fb=0&sc=yes&ct=00000000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=t3n.de&xy=1600x1200x24&lo=CH%2FZurich&cb=0019&i2=00195e43e387266835fae84be&ep=1631508945&vr=418&id=b3ypd5&i3=00195e43e387266835fae84be%3A1632834366947%3A1605272766947%3A.t3n.de%3A1%3At3n%3At3nNews%3Anoevent%3A1605272766947&n1=7&dntt=0&lt=1605272766948&ev=&cs=llf1yw&mo=1&sr=71
Request Chain 98
  • https://api-18-185-124-12.b2c.com/api/x?pI4kzSzOkLdFFUqq$ HTTP 302
  • https://api-18-185-124-12.b2c.com:444/api/4?pI4kzSzOkLdFFUqq
Request Chain 230
  • https://tracking.m6r.eu/consent/pixel?gdprFallback=referer HTTP 302
  • https://tracking.m6r.eu/consent/pixel?gdprFallback=referer&checkcookies=true
Request Chain 233
  • https://tracking.m6r.eu/consent/pixel?gdprFallback=referer HTTP 302
  • https://tracking.m6r.eu/consent/pixel?gdprFallback=referer&checkcookies=true
Request Chain 241
  • https://tracking.m6r.eu/sync/yieldlabRedirect?gdprFallback=true& HTTP 302
  • https://ad.yieldlab.net/m?dt_id=36356&ext_id=fa3c80c1962e0f9201fa1411e0927475&
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=-jyAwZYuD5IB-hQR4JJ0dQ& HTTP 302
  • https://tracking.m6r.eu/sync/adxSyncDone?gdprFallback=true&google_ula=158217889,0
Request Chain 243
  • https://tracking.m6r.eu/sync/appnexusRedirect?gdprFallback=true& HTTP 302
  • https://ib.adnxs.com/setuid?entity=197&code=fa3c80c1962e0f9201fa1411e0927475& HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D197%26code%3Dfa3c80c1962e0f9201fa1411e0927475%26
Request Chain 244
  • https://ih.adscale.de/adscale-ih/tpui?tpid=48&tpuid=fa3c80c1962e0f9201fa1411e0927475&cburl=https%3A%2F%2Ftracking.m6r.eu%2Fsync%2FadscaleSyncDone%3FuserBuyeruid%3Dfa3c80c1962e0f9201fa1411e0927475%26gdprFallback%3Dtrue%26userId%3Dadscale-user%3A__ADSCALE_USER_ID__& HTTP 302
  • https://ih.adscale.de/adscale-ih/tpui?tpid=48&tpuid=fa3c80c1962e0f9201fa1411e0927475&cburl=https%3A%2F%2Ftracking.m6r.eu%2Fsync%2FadscaleSyncDone%3FuserBuyeruid%3Dfa3c80c1962e0f9201fa1411e0927475%26gdprFallback%3Dtrue%26userId%3Dadscale-user%3A__ADSCALE_USER_ID__&&nut&uu=e1c0b1431fc74005be7c81fd253dedc4 HTTP 307
  • https://tracking.m6r.eu/sync/adscaleSyncDone?userBuyeruid=fa3c80c1962e0f9201fa1411e0927475&gdprFallback=true&userId=adscale-user:bdc2835b6918751efe834e5421508b3196714db7cc2e410ad86fbfd477798407
Request Chain 245
  • https://tracking.m6r.eu/sync/yieldlabRedirect?gdprFallback=true& HTTP 302
  • https://ad.yieldlab.net/m?dt_id=36356&ext_id=fc65a735ab8bca7865ef07f0c8ee027d&
Request Chain 246
  • https://tracking.m6r.eu/sync/appnexusRedirect?gdprFallback=true& HTTP 302
  • https://ib.adnxs.com/setuid?entity=197&code=fc65a735ab8bca7865ef07f0c8ee027d&
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=_GWnNauLynhl7wfwyO4CfQ& HTTP 302
  • https://tracking.m6r.eu/sync/adxSyncDone?gdprFallback=true&google_ula=158217889,0
Request Chain 248
  • https://ih.adscale.de/adscale-ih/tpui?tpid=48&tpuid=fc65a735ab8bca7865ef07f0c8ee027d&cburl=https%3A%2F%2Ftracking.m6r.eu%2Fsync%2FadscaleSyncDone%3FuserBuyeruid%3Dfc65a735ab8bca7865ef07f0c8ee027d%26gdprFallback%3Dtrue%26userId%3Dadscale-user%3A__ADSCALE_USER_ID__& HTTP 302
  • https://ih.adscale.de/adscale-ih/tpui?tpid=48&tpuid=fc65a735ab8bca7865ef07f0c8ee027d&cburl=https%3A%2F%2Ftracking.m6r.eu%2Fsync%2FadscaleSyncDone%3FuserBuyeruid%3Dfc65a735ab8bca7865ef07f0c8ee027d%26gdprFallback%3Dtrue%26userId%3Dadscale-user%3A__ADSCALE_USER_ID__&&nut&uu=1b0ed514afa245f59c17302afeeb5c96 HTTP 307
  • https://tracking.m6r.eu/sync/adscaleSyncDone?userBuyeruid=fc65a735ab8bca7865ef07f0c8ee027d&gdprFallback=true&userId=adscale-user:1bb9f327c1a9e9a67672351cea2ec26819e0e5e5a272bb1da2d37382073551d4
Request Chain 256
  • https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715 HTTP 302
  • https://nugmw.userreport.com/rc-ap/ac8141c5-cdfd-4c93-a2e3-55d58d8eed0b/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
Request Chain 288
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEFiuwQMOgyXRDPGchgsCkIU&google_cver=1 HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEFiuwQMOgyXRDPGchgsCkIU&google_cver=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFiuwQMOgyXRDPGchgsCkIU&google_cver=1&apid=UP0572ca5f-25b1-11eb-ac54-06cba1e117e2
Request Chain 290
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=X66EywAAAKlI0Czr HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=X66EywAAAKlI0Czr&_origin=0&gdpr=0&gdpr_consent=&_test=X66EywAAAKlI0Czr HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=X66EywAAAKlI0Czr&_origin=0&gdpr=0&gdpr_consent=&_test=X66EywAAAKlI0Czr&apid=UP0572ca5f-25b1-11eb-ac54-06cba1e117e2
Request Chain 291
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://pixel.advertising.com/ups/55953/sync?uid=ec128f23-f1d1-4c69-972f-bb4ec3b3eb5a&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=ec128f23-f1d1-4c69-972f-bb4ec3b3eb5a
Request Chain 304
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1605272780354&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=30176012&cs_ucfr= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1605272780354&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=30176012&cs_ucfr=&cs_ak_ss=1

302 HTTP transactions

Primary Request
Resource: /
Path: t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Size: 213 KB
x-fer: 69 KB
Type: Document

General
Full URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.198.113.83 Mountain View, United States, ASN15169 (GOOGLE, US)
Reverse DNS: 83.113.198.35.bc.googleusercontent.com
Software: /
Resource Hash: 0d563c7f65ccfd8b475e1cc49a18d45216bf6511e234bbcbced09177bbf57e36

Request headers

:method: GET
:authority: t3n.de
:scheme: https
:path: /news/maze-ransomware-gruppe-erpressung-1332843/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US

Response headers

status: 200
date: Fri, 13 Nov 2020 13:06:06 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: no-cache
etag: W/ca4e171e066d263a306bcb878e3ad9833776f2a8
set-cookie: kpcv=2c1ab387-1d2c-4ca9-8504-4aeb638e95a4; Path=/; Expires=Fri, 13 Nov 2020 13:36:06 GMT; Max-Age=1800 kpcm=4f04dd24-c354-4689-b5a5-4b094c26585c; Path=/; Expires=Sun, 13 Dec 2020 13:06:06 GMT; Max-Age=2592000
x-cache-status: cached
content-encoding: gzip

Resource: main-1604397633.css
Path: d1quwwdmdfumn6.cloudfront.net/t3n/2018/styles/
Size: 136 KB
x-fer: 26 KB
Type: Stylesheet

General
Full URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/styles/main-1604397633.css
Requested by: Host: t3n.de, URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-143-204-101-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 754a6101b0b54eaef57593d4f5e0032eb7fa8b9c6250f1c1f2dcf372ab959a68

Request headers

Referer: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 00:32:47 GMT
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 10:00:55 GMT
server: AmazonS3
age: 45200
etag: "e28032b02e21d20f9b01a4df1236ad55"
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=630720000, no-transform, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 25823
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amz-cf-id: YOpuOypzwRs-g7JEHH74fgcOwssTklDe_KJexKUzp2Q7MV1Imj-34w==

iam.js
script.ioam.de/
19 KB
8 KB
Script
General
Full URL
https://script.ioam.de/iam.js?m=1
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.100.39 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
script4.ioam.de
Software
nginx / BLACKBIRD-SRC v0.13 0019
Resource Hash
c46b731173fd1f7bd3ed3873cb42be32011b51dd7bd9c6cae9efd16cc2b36d70

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Nov 2020 13:06:06 GMT
Server
nginx
X-Powered-By
BLACKBIRD-SRC v0.13 0019
Vary
Accept-Encoding
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control
private, max-age=7200, pre-check=7200
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Expires
Fri, 13 Nov 2020 15:06:06 GMT
ad-scripts--vendor-1604397633.js
d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/
244 KB
78 KB
Script
General
Full URL
https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-112.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42c2ad582d46a0fd891666260d45e900764080c2bbb33f6670db0af25d00b01a

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 04:43:58 GMT
content-encoding
gzip
last-modified
Tue, 03 Nov 2020 10:01:01 GMT
server
AmazonS3
age
289329
etag
"1082cb039e20321162af73b71c08d5fe"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=630720000, no-transform, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
79829
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amz-cf-id
oo-LBEWeRMT7duGRwWsYBeCiNBvN2fTH92DM_e8D6vx5cHpahexeYQ==
gpt.js
www.googletagservices.com/tag/js/
53 KB
18 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
588b0bb87444845b0a7d35f03d15169534ecb848b0de5061870280c1baa835f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"692 / 152 of 1000 / last-modified: 1605269537"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
18136
x-xss-protection
0
expires
Fri, 13 Nov 2020 13:06:06 GMT
apstag.js
c.amazon-adsystem.com/aax2/
114 KB
29 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-5-213.fra6.r.cloudfront.net
Software
Server /
Resource Hash
c7714be5150899442faf570cab4e7846a794e81d6b420300148d1f5a9a405c7a

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:04:40 GMT
content-encoding
gzip
server
Server
age
85
etag
14b87a812615d68493a97e70b7b323fb
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=900
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
b3DHJUST3R5hbZL7Xr4NXdnM_p0HtUzRmkwyHR0KglVbh2_i5p-WmA==
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
ad-scripts--news-article-1604397633.js
d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/
12 KB
3 KB
Script
General
Full URL
https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--news-article-1604397633.js
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-112.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3815f641df4f838d40bc7ac88babf38738f83547e3494b06befb455cd2dc404b

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 04:43:58 GMT
content-encoding
gzip
last-modified
Tue, 03 Nov 2020 10:00:56 GMT
server
AmazonS3
age
289329
etag
"766052420266e3795d94e9b337de13e2"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=630720000, no-transform, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2188
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amz-cf-id
aqzbRbs4TsyZrGL0SU4wM5taGzx5jZQyvGASfbDxo1oEfXq0N7E6yA==
maze-ransomware.jpg
assets.t3n.sc/news/wp-content/uploads/2020/11/
59 KB
59 KB
Image
General
Full URL
https://assets.t3n.sc/news/wp-content/uploads/2020/11/maze-ransomware.jpg?auto=format&fit=crop&h=348&ixlib=php-2.3.0&w=620
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.94 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
94.14.190.35.bc.googleusercontent.com
Software
shield /
Resource Hash
c548b3635cbc4a0fd45cba871af16b98c98822fae7161d4b1d3514c0c08d14e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
via
1.1 google
x-content-type-options
nosniff
age
101173
x-cache
MISS, HIT
status
200
x-shield-request-id
faf695b46c9ee2beab9678b330c3b032
x-imgix-id
c777fa21df81d87c06490353b72181d0737d7e52
alt-svc
clear
content-length
60242
x-served-by
cache-sjc10069-SJC, cache-hkg17931-HKG
last-modified
Thu, 12 Nov 2020 08:59:54 GMT
server
shield
vary
Accept, User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=172800
accept-ranges
bytes
blank.gif
ssl-vg03.met.vgwort.de/
Redirect Chain
  • https://ssl-vg03.met.vgwort.de/na/6cb950aa1bba479b911f298b7bb10451
  • https://ssl-vg03.met.vgwort.de/blank.gif
43 B
332 B
Image
General
Full URL
https://ssl-vg03.met.vgwort.de/blank.gif
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
161.156.66.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.42.9ca1.ip4.static.sl-reverse.com
Software
s2.52.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 13 Nov 2020 13:06:06 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
s2.52.0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Fri, 13 Nov 2020 13:06:06 GMT
Last-Modified
Fri, 13 Nov 2020 13:06:06 GMT
Server
s2.52.0
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Content-Type
text/html
Location
/blank.gif
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Tue, 22 Aug 2000 15:05:01 GMT
krixecker_big.jpg
storage.googleapis.com/t3n-de/neos/27d5439477b15c023ba182d8e58c746d16ac6d7a/
4 KB
4 KB
Image
General
Full URL
https://storage.googleapis.com/t3n-de/neos/27d5439477b15c023ba182d8e58c746d16ac6d7a/krixecker_big.jpg
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e591edd0334c1d2ea573df12714d546ffcb92b4bd68a932aae7a05d38e7e719b

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 12:44:52 GMT
age
1274
x-guploader-uploadid
ABg5-Uyrcw1Qa_6A6HW_RGyChm094gFilDuDNCGlaCbkYxlo4lC5z1l-nJi4o7ArF7fDZsfu5K0wgbZIxTxOCKQwrEsMd1DKaA
x-goog-storage-class
REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3871
last-modified
Fri, 22 Dec 2017 15:57:15 GMT
server
UploadServer
etag
"164f5ff1945ce1f4e1c5ee88fbbf8c80"
vary
Origin
x-goog-hash
crc32c=L4w/KA==, md5=Fk9f8ZRc4fThxe6I+7+MgA==
x-goog-generation
1513958235106837
cache-control
public, max-age=1209600
x-goog-stored-content-length
3871
accept-ranges
bytes
content-type
image/jpeg
expires
Fri, 27 Nov 2020 12:44:52 GMT
ubilabs_600x600.png
images.t3n.sc/jobslogos/4c3f3bcbd8185d447c0805f4547770798f4fc7f2/
4 KB
4 KB
Image
General
Full URL
https://images.t3n.sc/jobslogos/4c3f3bcbd8185d447c0805f4547770798f4fc7f2/ubilabs_600x600.png?auto=format&fit=crop&h=80&ixlib=php-2.3.0&w=80
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.226 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
226.103.201.35.bc.googleusercontent.com
Software
shield /
Resource Hash
ede93f51c6f4ff2c7f36ad6bdd15a70a8486b09cfe13748798a453c486c3c7a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
via
1.1 google
x-content-type-options
nosniff
age
563325
x-cache
MISS, HIT
status
200
x-shield-request-id
3483e9e24dbd2b93b98eb17c9d1886c1
x-imgix-id
933babad5e4b787f7ca4935a578a9aab96767532
alt-svc
clear
content-length
4080
x-served-by
cache-sjc10054-SJC, cache-cdg20739-CDG
last-modified
Sat, 07 Nov 2020 00:37:21 GMT
server
shield
vary
Accept, User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
schenck_proces_europe_gmbh_600x600.jpg
images.t3n.sc/jobslogos/e1b7682667c77923be678d08f2c56977876c70ac/
4 KB
4 KB
Image
General
Full URL
https://images.t3n.sc/jobslogos/e1b7682667c77923be678d08f2c56977876c70ac/schenck_proces_europe_gmbh_600x600.jpg?auto=format&fit=crop&h=80&ixlib=php-2.3.0&w=80
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.226 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
226.103.201.35.bc.googleusercontent.com
Software
shield /
Resource Hash
382dfff71e72ecc7828ca7a22c225be9d986e7d67a2a8c61697c7b9332b462b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
via
1.1 google
x-content-type-options
nosniff
age
260576
x-cache
HIT, HIT
status
200
x-shield-request-id
ca4cd0f3afe361a30298d3ea5422960a
x-imgix-id
8d5711168bef4a77bc8db139f9022b948cdd768c
alt-svc
clear
content-length
3902
x-served-by
cache-sjc10025-SJC, cache-cdg20766-CDG
last-modified
Tue, 10 Nov 2020 12:43:10 GMT
server
shield
vary
Accept, User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
n-ergie-icon-youtube-800x800px.png
images.t3n.sc/jobslogos/ad11bb74a68c0aed6e04b5f7915f12667d217c24/
4 KB
4 KB
Image
General
Full URL
https://images.t3n.sc/jobslogos/ad11bb74a68c0aed6e04b5f7915f12667d217c24/n-ergie-icon-youtube-800x800px.png?auto=format&fit=crop&h=80&ixlib=php-2.3.0&w=80
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.226 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
226.103.201.35.bc.googleusercontent.com
Software
shield /
Resource Hash
acf7ef7b25b3d61dadf1e9a9c8042ef31366b74fe1fcbfcfce1a23679ba9a81c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
via
1.1 google
x-content-type-options
nosniff
age
352092
x-cache
MISS, HIT
status
200
x-shield-request-id
fc850061cb28628fca5dd0c815c39679
x-imgix-id
f1a1c4d1459cf35b820391e4685f1d78b97f9f78
alt-svc
clear
content-length
4060
x-served-by
cache-sjc10024-SJC, cache-cdg20776-CDG
last-modified
Mon, 09 Nov 2020 11:17:54 GMT
server
shield
vary
Accept, User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
outbrain.js
widgets.outbrain.com/
154 KB
52 KB
Script
General
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
30395233660fd7b907623fdab3c25aca7e33e2cab7797bcae92438826f86fdf1

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
content-encoding
gzip
edge-cache-tag
widget-cheetah
status
200
cookie
CheetahStaging=true
x-traceid
3758b22581a7a4a33b2b4c56c7de7e38
content-length
52295
last-modified
Mon, 09 Nov 2020 09:46:03 GMT
etag
W/"26679-1pnsuJuedolXptU5seiMJGDEL9M"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
timing-allow-origin
*
expires
Fri, 13 Nov 2020 17:06:06 GMT
/
js.smartredirect.de/js/
12 KB
4 KB
Script
General
Full URL
https://js.smartredirect.de/js/?h=8pk0393K
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.80.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-80-139.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
d469a25e2644b25a523f24f1079f49b298a11fb97c081bd980f882500ed4dd73

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:06 GMT
Content-Encoding
gzip
Server
Apache
Connection
keep-alive
Content-Length
3863
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=UTF-8
t3n_adblocker_visual.png
images.t3n.sc/
82 KB
83 KB
Image
General
Full URL
https://images.t3n.sc/t3n_adblocker_visual.png?auto=format&h=765&ixlib=php-2.3.0&w=480
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.226 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
226.103.201.35.bc.googleusercontent.com
Software
shield /
Resource Hash
65713f43bd9969c43bc3fc69d9d230ea86c34237700a5c018dfea00bb13f09d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
via
1.1 google
x-content-type-options
nosniff
age
1825
x-cache
MISS, HIT
status
200
x-shield-request-id
7e6171af625dfb7e584c82605ee9ba6a
x-imgix-id
a9b85da362d31baecfecd2766be90148b2efa761
alt-svc
clear
content-length
84334
x-served-by
cache-sjc10044-SJC, cache-cdg20732-CDG
last-modified
Fri, 13 Nov 2020 12:35:41 GMT
server
shield
vary
Accept, User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
agof-logo.png
d1quwwdmdfumn6.cloudfront.net/t3n/2018/images/logos/
6 KB
7 KB
Image
General
Full URL
https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/images/logos/agof-logo.png
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-112.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
013a1425223dd83b00a9f56d727f91afd439e0611edde22e2e4b84d82006e95e

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 00:32:49 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified
Mon, 25 Mar 2019 10:52:10 GMT
server
AmazonS3
age
45198
etag
"eec50bb278c88b40f3be3d34f4a4e921"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=630720000, no-transform, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
6454
x-amz-cf-id
9xywp9CRlUnkCL-YQtO7NJxaToygqZQwrccAbojaAxdbQ9s1650YCQ==
ivw.png
d1quwwdmdfumn6.cloudfront.net/t3n/2018/images/logos/
2 KB
3 KB
Image
General
Full URL
https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/images/logos/ivw.png
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-112.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b5d8764d76930b8134b2228c8d348e7d86bd2151710dbcd93b0ac9227a1ca10

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 00:32:49 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified
Wed, 05 Dec 2018 10:22:22 GMT
server
AmazonS3
age
45198
etag
"7205a25ba591e73f5c8d51b31d8006e2"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=630720000, no-transform, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2404
x-amz-cf-id
nmKGzcAjmCDz-JzM-5aVPlvtJVOOuBzIWpnNEbsLXhDHlRQRULndog==
kununu-top-company.png
d1quwwdmdfumn6.cloudfront.net/t3n/2018/images/logos/
8 KB
9 KB
Image
General
Full URL
https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/images/logos/kununu-top-company.png
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-112.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
743b07c8c9d666858ef74af4a20eeed240d42e198e22ff68c2bd8a6519ee34cc

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 00:32:49 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2018 13:46:29 GMT
server
AmazonS3
age
45198
etag
"499f8859167113bc4446106ab499dcf4"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=630720000, no-transform, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
8509
x-amz-cf-id
9Zd68mQzI6LdhhfgguVHO-EQtOFesjfZHc-cMr3b7Nb_BKOA2WV03A==
kununu-open-company.png
d1quwwdmdfumn6.cloudfront.net/t3n/2018/images/logos/
8 KB
8 KB
Image
General
Full URL
https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/images/logos/kununu-open-company.png
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-112.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37dd69dd5b2c8542601cfc176a700448d1b6d40bfd9f28732f04752dbd3af728

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 00:32:49 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2018 13:46:28 GMT
server
AmazonS3
age
45198
etag
"2411ba503e0fd2d018649617af73c8eb"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=630720000, no-transform, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
7863
x-amz-cf-id
bGqFGDfxcdbe819NJCTJj3A9SLrTeU-0mPAzsiVfJbrKZDFv7tpjfQ==
main-1604397633.js
d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/
111 KB
32 KB
Script
General
Full URL
https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/main-1604397633.js
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-112.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1648b99d9f360cfff6319afa69f8f13c131a719351554fd285dcb55cd51e4299

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 04:43:58 GMT
content-encoding
gzip
last-modified
Tue, 03 Nov 2020 10:01:02 GMT
server
AmazonS3
age
289329
etag
"a391859bc54780261632cdae4c663e4a"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=630720000, no-transform, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
32506
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amz-cf-id
UbPH4xHFYqIPtP6pxDVdtYRw7d2BDRTAE2fs85e4lHanLPc7UnNpmw==
cookienotice-scripts.js
d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/
3 KB
1 KB
Script
General
Full URL
https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/cookienotice-scripts.js
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-112.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2d03a756e78666db24d1c9751a0e0fc4e6a631e61d48eb4618a541c41d06bab

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 04:43:58 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 10:48:32 GMT
server
AmazonS3
age
289329
etag
"eee8361fd3ce82b1910a0c2fa21fafe4"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=630720000, no-transform, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1076
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amz-cf-id
t9bW-GJBb9ag00Mg4hRSED2XjhMU2Kp7dZYGjPxEEVPKuok1_ZVY3Q==
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js?ver=5.5.3
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40B5) /
Resource Hash
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
1003
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
28698
x-tw-cdn
VZ
Last-Modified
Thu, 01 Oct 2020 21:52:09 GMT
Server
ECS (fcn/40B5)
Etag
"a671d4d584ef50954e5cebb21da17065+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
/
api.t3n.de/ Frame
0
0
Other
General
Full URL
https://api.t3n.de/
Protocol
H2
Server
35.246.218.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.218.246.35.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
apollographql-client-name,content-type
Origin
https://t3n.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
204
date
Fri, 13 Nov 2020 13:06:06 GMT
x-powered-by
Express
access-control-allow-origin
https://t3n.de
vary
Origin, Access-Control-Request-Headers
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers
apollographql-client-name,content-type
aaw7wzt.js
use.typekit.net/
17 KB
7 KB
Script
General
Full URL
https://use.typekit.net/aaw7wzt.js
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
56d1e635eca61ff1fa4df1b485070299b68e5291660dfb20bc4e8c6819441339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
status
200
date
Fri, 13 Nov 2020 13:06:06 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
6835
gtm.js
www.googletagmanager.com/
251 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MJGTHP
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
59fda40038a4fe903bee067f25755305893fe201fd31a752cb1e1a37a90ae4b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50600
x-xss-protection
0
last-modified
Fri, 13 Nov 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Nov 2020 13:06:06 GMT
/
api.t3n.de/
29 B
234 B
Fetch
General
Full URL
https://api.t3n.de/
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.218.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.218.246.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
a19929780fe4560296a811a4270c742ca8cc94393700b467d148e53a26f72435

Request headers

apollographql-client-name
t3n-frontend
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
status
200
x-powered-by
Express
etag
W/"1d-YDUHKYlC60rl+3RZstBx9EeWHD0"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://t3n.de
access-control-allow-credentials
true
content-length
29
mj
t3n.de/
69 KB
24 KB
Script
General
Full URL
https://t3n.de/mj
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.198.113.83 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
83.113.198.35.bc.googleusercontent.com
Software
/
Resource Hash
0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Fri, 13 Nov 2020 13:06:06 GMT
content-encoding
gzip
last-modified
Fri, 16 Oct 2020 11:55:24 GMT
etag
W/"5f898a2c-1131c"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=3600, public
expires
Fri, 13 Nov 2020 14:06:06 GMT
pubads_impl_2020111001.js
securepubads.g.doubleclick.net/gpt/
276 KB
98 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
f1b23a6200bdb4728ad055b6439a7055e73c62e61a97804fa6ac13871164c198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99726
x-xss-protection
0
last-modified
Tue, 10 Nov 2020 09:44:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Nov 2020 13:06:06 GMT
l
use.typekit.net/af/9f2f2a/00000000000000003b9acf30/27/
41 KB
41 KB
Font
General
Full URL
https://use.typekit.net/af/9f2f2a/00000000000000003b9acf30/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
0e61bbf1fcf3573627de44aa6799cce3ed481ae1962ad7d98f9a996db96f8c8f

Request headers

Origin
https://t3n.de
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
server
nginx
etag
"cead359c4b45407be04b075734084dfc296015c0"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
42004
l
use.typekit.net/af/708bdf/00000000000000003b9acf2e/27/
43 KB
43 KB
Font
General
Full URL
https://use.typekit.net/af/708bdf/00000000000000003b9acf2e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
0f518a0d5924fd3fe75fb5571c8c7e9ba80fa9dc66aa8a3b11883de86d42583b

Request headers

Origin
https://t3n.de
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
server
nginx
etag
"ab080c56fce5d8bf34976a9f438979e817ec3651"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
44260
l
use.typekit.net/af/03e1a3/00000000000000003b9acf2d/27/
41 KB
41 KB
Font
General
Full URL
https://use.typekit.net/af/03e1a3/00000000000000003b9acf2d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
3388130914aa9782e9d5a20234f4dcd5055bd86a9a9ed579ab84a597107c3593

Request headers

Origin
https://t3n.de
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
server
nginx
etag
"c85df0a9a8d5ceea0379089b42901c24f9cf3cd3"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
42016
fbevents.js
connect.facebook.net/en_US/
89 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4620c7cc7faa4ded84a43c1c0a8623d2fa293fe1b821790911229aa02601f7c0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23272
x-xss-protection
0
pragma
public
x-fb-debug
xRCEsftdM4ZX5QoxPhb4SLN6q4GliQ9YC+CUVdRmbcHci1YmRdiBXB0Epb1/4Ovm1D1awQTKTxiZN8/VR5okUw==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Fri, 13 Nov 2020 13:06:06 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
script.js
widgets.getsitecontrol.com/56063/
14 KB
4 KB
Script
General
Full URL
https://widgets.getsitecontrol.com/56063/script.js
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:1023::2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-367 /
Resource Hash
a76aa642ad6a5135ea7fbbd29f994c284adf2458a0ca3de1ff58a6eaa6aaee28

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
content-encoding
br
cdn-edgestorageid
367, 617
x-amz-request-id
ENAS7N2V0TDP7M3T
status
200
cdn-cachedat
2020-11-13 11:08:08
cdn-pullzone
44619
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
mqd+hsXpOql0DOWXBDv7dOdHjjwT1YInS9P1NDZ2ZPLDt+jFUno+TQR5fH/dj/S1xiIXh+MJ0Us=
access-control-allow-origin
*
last-modified
Fri, 13 Nov 2020 10:08:04 GMT
server
BunnyCDN-DE1-367
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=5
cdn-requestid
e71b9e245cadeb8dead17878966ff10f
cdn-requestcountrycode
DE
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
fEdeZH2RfgRTdnXh6.js
static.cleverpush.com/channel/loader/
456 KB
91 KB
Script
General
Full URL
https://static.cleverpush.com/channel/loader/fEdeZH2RfgRTdnXh6.js
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a71d39e728da7e82a76b463ffdb8e8119b54713820807b8c10bbf2f17c874f6f

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
17515
cf-polished
origSize=467116
status
200
x-amz-request-id
3D698DB5D9360837
x-amz-id-2
B76/MQmJl/SwW330gtVbpg6CD3rWOC/xcrnqAzl7RTqek5oVEs3wAJjzUn5aF59Yhoz98YG54XQ=
last-modified
Fri, 13 Nov 2020 00:05:16 GMT
server
cloudflare
etag
W/"0049cece799090ed4b2fd3ebdf7455eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FSYP8bCiCJ7fGuoMU2083QsCaIZiTW%2F69TWqMK8ovll8hzInAgvOwd1w5YNSUJ%2FwghWw4adF2RFXziNCuWCYtzv1V4vw19yZPHs2KyLE3B9UJnNqkbZz%2B%2BCWkgva4L3CCDM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=21600
cf-request-id
06634fa16d000096b0a81e4000000001
cf-ray
5f18b548ad2696b0-FRA
cf-bgj
minify
8sB8pXMRw82t
cdn.onthe.io/io.js/
58 KB
18 KB
Script
General
Full URL
https://cdn.onthe.io/io.js/8sB8pXMRw82t
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJGTHP
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.11.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.11.202.116.clients.your-server.de
Software
nginx /
Resource Hash
60e85afa70e34a2ff413e86cfbb62baafa1bd1a1468f25cd5bad287cddc03d5c

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 10:05:15 GMT
Server
nginx
ETag
W/"5f48d6db-e85d"
Transfer-Encoding
chunked
Content-Type
text/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Sat, 14 Nov 2020 13:06:06 GMT
AGSKWxUdpOVwxeyj8riJQT-3yEsJOrVvRqSDnZY9eVoSXUOO8Z-UNkSqWDrHhlLHZGofyBPzMXEfR5upaPCZWeXY2bY=
fundingchoicesmessages.google.com/f/
84 KB
31 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUdpOVwxeyj8riJQT-3yEsJOrVvRqSDnZY9eVoSXUOO8Z-UNkSqWDrHhlLHZGofyBPzMXEfR5upaPCZWeXY2bY=
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e90cbdc7526cb9a2cebcc8d7f607711eca19fc44c341c1c6d3c3f4ca3fa693e2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XhMo6ZrkLch3WNL1R4b2eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-XhMo6ZrkLch3WNL1R4b2eg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-XhMo6ZrkLch3WNL1R4b2eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-XhMo6ZrkLch3WNL1R4b2eg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
date
Fri, 13 Nov 2020 13:06:06 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
embed-pI4kzSzOkLdFFUqq.js
api-18-185-124-12.b2c.com/api/
Redirect Chain
  • https://eu.b2c.com/api/init-3x3fv4bnumjuywirt.js
  • https://api-18-185-124-12.b2c.com/api/embed-pI4kzSzOkLdFFUqq.js
14 KB
6 KB
Script
General
Full URL
https://api-18-185-124-12.b2c.com/api/embed-pI4kzSzOkLdFFUqq.js
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d014:c09:7602:6575:8072:5ae8:ba76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
be4caf1a8c2c39887fe1b7ee2baaaed080ab4d05fa19e254aaac73955c0a1470

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 13:06:07 GMT
content-encoding
gzip
server
openresty
content-type
text/javascript
status
200
cache-control
no-cache, no-store, must-revalidate
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 13 Nov 2020 13:06:06 GMT
server
openresty
status
307
content-type
text/html; charset=utf-8
location
//api-18-185-124-12.b2c.com/api/embed-pI4kzSzOkLdFFUqq.js
cache-control
no-cache, no-store, must-revalidate
content-length
168
expires
-1
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJGTHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
6618
date
Fri, 13 Nov 2020 11:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 13 Nov 2020 13:15:48 GMT
p.gif
p.typekit.net/
35 B
182 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=aaw7wzt&ht=tk&h=t3n.de&f=17007.17013.17016&a=4804013&js=1.20.0&app=typekit&e=js&_=1605272766826
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:581::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
last-modified
Wed, 24 Jun 2020 21:05:53 GMT
server
nginx
etag
"5ef3c031-23"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
35
mp
t3n.de/
0
133 B
XHR
General
Full URL
https://t3n.de/mp
Requested by
Host: t3n.de
URL: https://t3n.de/mj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.198.113.83 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
83.113.198.35.bc.googleusercontent.com
Software
/ PHP/7.4.10
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

status
204
date
Fri, 13 Nov 2020 13:06:06 GMT
referrer-policy
origin
access-control-allow-credentials
true
x-powered-by
PHP/7.4.10
access-control-allow-origin
https://t3n.de
runtime.2.10.4.js
st.getsitecontrol.com/main/runtime/
403 KB
94 KB
Script
General
Full URL
https://st.getsitecontrol.com/main/runtime/runtime.2.10.4.js
Requested by
Host: widgets.getsitecontrol.com
URL: https://widgets.getsitecontrol.com/56063/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:1023::2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-367 /
Resource Hash
e99235caac1dc00f2fb631896feceafc55cadc5fd0bfd6cc673da6dac3f59af2

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
content-encoding
br
cdn-edgestorageid
367
x-amz-request-id
853293298F7A93D3
status
200
cdn-cachedat
2020-01-19 05:18:46
cdn-pullzone
44631
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
x0KdKodzy6sg8OZAucrT5gWYH549bVeJd0AfvWZqrlBc6HBrzcBU7aAXVEn5BuvMN/ZNCJCdEv8=
access-control-allow-origin
*
last-modified
Mon, 24 Sep 2018 08:05:29 GMT
server
BunnyCDN-DE1-367
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=2592000
cdn-requestid
55906faec90137ca8f48633be2d1887d
cdn-requestcountrycode
DE
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
456484944530979
connect.facebook.net/signals/config/
235 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/456484944530979?v=2.9.28&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ce96e2687e3c2b151397d346ddee40840cf8777101d455ca25531dd8e4a79e2c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70089
x-xss-protection
0
pragma
public
x-fb-debug
zp0fxA2uFjoGdagnl5qnTMrueafQKbUzdgBtM2xcrche9aKWckvULN3Ezhn2d4Ebc+IfbO4c57A97iTrt/zsdg==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Fri, 13 Nov 2020 13:06:06 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
402 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=1876059639&t=pageview&_s=1&dl=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&ul=en-us&de=UTF-8&dt=Digitale%20Erpressung%3A%20Bekannte%20Ransomware-Gruppe%20will%20angeblich%20aufh%C3%B6ren&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=965338375&gjid=442121880&cid=1334451741.1605272767&tid=UA-289892-8&_gid=1537994848.1605272767&_r=1&gtm=2wgb41MJGTHP&cd1=desktop&cd2=Kim%20Rixecker&cd3=Software%20%26%20Infrastruktur&cd4=News&cd5=03112020&cd6=0&cd11=news-article-1332843&z=1499068695
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 13:06:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://t3n.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
378 B
Image
General
Full URL
https://www.facebook.com/tr/?id=456484944530979&ev=PageView&dl=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&rl=&if=false&ts=1605272766884&sw=1600&sh=1200&v=2.9.28&r=stable&ec=0&o=30&fbp=fb.1.1605272766883.805173831&it=1605272766840&coo=false&rqm=GET
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 13 Nov 2020 13:06:06 GMT
/
www.facebook.com/tr/
44 B
212 B
Image
General
Full URL
https://www.facebook.com/tr/?id=456484944530979&ev=t3nArtikel&dl=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&rl=&if=false&ts=1605272766886&cd[t3nAuthor]=Kim%20Rixecker&cd[t3nRessort]=Software%20%26%20Infrastruktur&cd[t3nArticleType]=News&cd[t3nArticleID]=news-article-1332843&sw=1600&sh=1200&v=2.9.28&r=stable&ec=1&o=30&fbp=fb.1.1605272766883.805173831&it=1605272766840&coo=false&rqm=GET
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 13 Nov 2020 13:06:06 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-5-213.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 16:38:07 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
73679
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Wed, 30 Sep 2020 05:43:29 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
RJ8oV3TIYf8xrX0HaajhafYtN5v86_wThlTL2kg3ShhK7T2k-mIf5g==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
1 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20201113
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5cfa43df3c781b6fb0860331cf2a7fca4f1d349f82083c8046e65918c77bc7dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
17483
x-cache
HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
765
etag
W/"540-st5YtWnwIb5jdx4ZJn+EMDCCG+0"
x-served-by
cache-fra19128-FRA
date
Fri, 13 Nov 2020 13:06:06 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
fastlane.json
fastlane.rubiconproject.com/a/api/
4 KB
12 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20480&site_id=252072&zone_id=1248830%3B1248828%3B1248824%3B1248822%3B1248820%3B1248816%3B1248814%3B1248814%3B1248814%3B1248814&size_id=15%3B15%3B15%3B15%3B15%3B15%3B9%3B9%3B9%3B8&alt_size_ids=16%3B%3B16%3B10%3B16%3B%3B8%2C10%2C126%3B8%2C126%3B8%3B&rf=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&tk_flint=pbjs_lite_v4.11.0&x_source.tid=af69f182-f1d0-406b-8406-68a779d32263%3B6d57be25-035c-460b-a176-0b3d09d3da78%3B0cbcea0f-ea5a-4947-9845-4324b3d2f7cb%3Bc600c1b9-576d-471c-9d47-c7cfcb9548f0%3Ba7cb7a3e-6b70-4722-a7b5-6b3147ecc9e2%3Bb18296e8-4a1e-457d-a77e-08e4ea31bfc0%3B96e4493f-8f7f-46ed-ae4a-73caf16bb8c4%3Bb75e7211-d26e-44b3-8895-7ce699f52018%3B1cf8b429-ca20-4923-9c3b-6be7bbe2cc58%3Bb601d41a-cd71-44fd-8fbd-821c02201469&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=10&rand=0.44661408097458977
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5ee5f78f316022872ea96d3893624cf24f24afa39044109ab2d473c85702ace3

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:07 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://t3n.de
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1791
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
350 B
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20480&site_id=252072&zone_id=1248812%3B1248810&size_id=2&alt_size_ids=55%2C57%2C125&rf=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&tk_flint=pbjs_lite_v4.11.0&x_source.tid=473b3f8f-88b3-4b16-bfe2-49f25c7d1935%3B939cd47e-baea-4fb1-921d-5217c5495509&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=2&rand=0.13226501438587523
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
741fab5dfaf0c6c749d7e15116a81dff4f136eab2b1e0242ee711f7a78108e18

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:07 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://t3n.de
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
350
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
buyer.dspx.tv/request/
43 B
1 KB
XHR
General
Full URL
https://buyer.dspx.tv/request/?_f=html&alternative=prebid_js&inventory_item_id=1009&srw=300&srh=250&idt=100&rnd=15414839470&ref=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&bid_id=15c71d182d9ff75&pfilter%5BinjTagId%5D=p6
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.65.177 , Germany, ASN16276 (OVH, FR),
Reverse DNS
buyer13.dspx.tv
Software
nginx /
Resource Hash
1f1aafaf7aec63bc5a738b136dac4291d244b7c8181367fb76791411ade81f0b

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Nov 2020 13:06:06 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://t3n.de
Charset
UTF-8
Cache-Control
must-revalidate, no-cache, no-store, private
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Mon, 28 Jul 1997 05:00:00 GMT
/
buyer.dspx.tv/request/
43 B
1 KB
XHR
General
Full URL
https://buyer.dspx.tv/request/?_f=html&alternative=prebid_js&inventory_item_id=1008&srw=120&srh=600&idt=100&rnd=51096648181&ref=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&bid_id=16c7de2e4d9b369
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.65.177 , Germany, ASN16276 (OVH, FR),
Reverse DNS
buyer13.dspx.tv
Software
nginx /
Resource Hash
1f1aafaf7aec63bc5a738b136dac4291d244b7c8181367fb76791411ade81f0b

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Nov 2020 13:06:06 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://t3n.de
Charset
UTF-8
Cache-Control
must-revalidate, no-cache, no-store, private
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Mon, 28 Jul 1997 05:00:00 GMT
/
buyer.dspx.tv/request/
43 B
1 KB
XHR
General
Full URL
https://buyer.dspx.tv/request/?_f=html&alternative=prebid_js&inventory_item_id=1008&srw=120&srh=600&idt=100&rnd=11980256208&ref=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&bid_id=1783961f06aa526
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.65.177 , Germany, ASN16276 (OVH, FR),
Reverse DNS
buyer13.dspx.tv
Software
nginx /
Resource Hash
1f1aafaf7aec63bc5a738b136dac4291d244b7c8181367fb76791411ade81f0b

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Nov 2020 13:06:07 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://t3n.de
Charset
UTF-8
Cache-Control
must-revalidate, no-cache, no-store, private
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Mon, 28 Jul 1997 05:00:00 GMT
/
buyer.dspx.tv/request/
43 B
1 KB
XHR
General
Full URL
https://buyer.dspx.tv/request/?_f=html&alternative=prebid_js&inventory_item_id=1008&srw=120&srh=600&idt=100&rnd=91575553835&ref=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&bid_id=18d57f31226e44d
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.65.177 , Germany, ASN16276 (OVH, FR),
Reverse DNS
buyer13.dspx.tv
Software
nginx /
Resource Hash
1f1aafaf7aec63bc5a738b136dac4291d244b7c8181367fb76791411ade81f0b

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Nov 2020 13:06:07 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://t3n.de
Charset
UTF-8
Cache-Control
must-revalidate, no-cache, no-store, private
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Mon, 28 Jul 1997 05:00:00 GMT
/
buyer.dspx.tv/request/
43 B
1 KB
XHR
General
Full URL
https://buyer.dspx.tv/request/?_f=html&alternative=prebid_js&inventory_item_id=1008&srw=120&srh=600&idt=100&rnd=4055901078&ref=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&bid_id=19f8d6f15c7fe87
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.65.177 , Germany, ASN16276 (OVH, FR),
Reverse DNS
buyer13.dspx.tv
Software
nginx /
Resource Hash
1f1aafaf7aec63bc5a738b136dac4291d244b7c8181367fb76791411ade81f0b

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Nov 2020 13:06:07 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://t3n.de
Charset
UTF-8
Cache-Control
must-revalidate, no-cache, no-store, private
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Mon, 28 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
19 B
706 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:07 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.144:80
AN-X-Request-Uuid
80ffd566-c6b2-4bb5-bbb6-aa6e0112933d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://t3n.de
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xhr
pre.ads.justpremium.com/v/2.0/t/
49 B
1 KB
XHR
General
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1605272766932
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.10.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-10-179.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3d3dd3447c3e96007f56f98a47a1e93e64a3888f085809ce62f54bd18c9e046c

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Fri, 13 Nov 2020 13:06:07 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://t3n.de
content-encoding
gzip
content-type
application/json
translator
hbopenbid.pubmatic.com/
0
109 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 13 Nov 2020 13:06:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://t3n.de
cdb
bidder.criteo.com/
0
136 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.11.0&cb=46290082788
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 13 Nov 2020 13:06:06 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://t3n.de
timing-allow-origin
*
vary
Origin
cygnus
htlb.casalemedia.com/
25 B
681 B
XHR
General
Full URL
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e7136007b428af69cf300b6f2f51ebe7ab50796430777fa462282ec95fd0b9d2

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
content-encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
status
200
x-cs-client-geo
12
content-length
45
x-ak-client-geo
12
pragma
no-cache
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://t3n.de
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
expires
Fri, 13 Nov 2020 13:06:07 GMT
tx.io
de.ioam.de/
Redirect Chain
  • https://de.ioam.de/tx.io?st=t3n&cp=t3nNews&sv=ke&fb=0&sc=yes&ct=00000000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=t3n.de&xy=1600x1200x24&lo=CH%2FZurich&cb=0019&i2=00195e43e387266835fae84be&ep=163150894...
  • https://de.ioam.de/tx.io?st=t3n&cp=t3nNews&sv=ke&fb=0&sc=yes&ct=00000000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=t3n.de&xy=1600x1200x24&lo=CH%2FZurich&cb=0019&i2=00195e43e387266835fae84be&ep=163150894...
0
717 B
Script
General
Full URL
https://de.ioam.de/tx.io?st=t3n&cp=t3nNews&sv=ke&fb=0&sc=yes&ct=00000000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=t3n.de&xy=1600x1200x24&lo=CH%2FZurich&cb=0019&i2=00195e43e387266835fae84be&ep=1631508945&vr=418&id=b3ypd5&i3=00195e43e387266835fae84be%3A1632834366947%3A1605272766947%3A.t3n.de%3A1%3At3n%3At3nNews%3Anoevent%3A1605272766947&n1=7&dntt=0&lt=1605272766948&ev=&cs=llf1yw&mo=1&sr=71
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.215.103.65 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS
de3.ioam.de
Software
nginx / BLACKBIRD-RCV v1.06.2 0045
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:07 GMT
Server
nginx
X-Powered-By
BLACKBIRD-RCV v1.06.2 0045
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date
Fri, 13 Nov 2020 13:06:07 GMT
Access-Control-Allow-Origin
*
X-Powered-By
BLACKBIRD-RCV v1.06.2 0045
Transfer-Encoding
chunked
P3P
policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection
keep-alive
Pragma
no-cache
Last-Modified
Fri, 13 Nov 2020 13:06:07 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Location
/tx.io?st=t3n&cp=t3nNews&sv=ke&fb=0&sc=yes&ct=00000000000000&pt=CP&ps=lin&er=N22&rf=&r2=&ur=t3n.de&xy=1600x1200x24&lo=CH%2FZurich&cb=0019&i2=00195e43e387266835fae84be&ep=1631508945&vr=418&id=b3ypd5&i3=00195e43e387266835fae84be%3A1632834366947%3A1605272766947%3A.t3n.de%3A1%3At3n%3At3nNews%3Anoevent%3A1605272766947&n1=7&dntt=0&lt=1605272766948&ev=&cs=llf1yw&mo=1&sr=71
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires
Wed, 13 Nov 2019 13:06:07 GMT
collect
stats.g.doubleclick.net/j/
4 B
81 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-289892-8&cid=1334451741.1605272767&jid=965338375&gjid=442121880&_gid=1537994848.1605272767&_u=YEBAAAAAAAAAAC~&z=33069124
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 13 Nov 2020 13:06:06 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://t3n.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
targeting
app.getsitecontrol.com/api/v1/
116 B
367 B
XHR
General
Full URL
https://app.getsitecontrol.com/api/v1/targeting?ts=1605272767007
Requested by
Host: st.getsitecontrol.com
URL: https://st.getsitecontrol.com/main/runtime/runtime.2.10.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.93.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-93-18.compute-1.amazonaws.com
Software
getsitecontrol targeting /
Resource Hash
040155d2835e5eb42bd7e61231c7f26e6e21ce63b21365de2bb377d001640796

Request headers

Accept
application/json
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
server
getsitecontrol targeting
status
200
access-control-allow-methods
GET,POST
content-type
application/json
access-control-allow-origin
*
cache-control
private:max-age=3600
access-control-allow-credentials
false
access-control-allow-headers
Content-Type,X-Requested-With
content-length
116
border-dotted.svg
d1quwwdmdfumn6.cloudfront.net/t3n/2018/images/core/
168 B
538 B
Image
General
Full URL
https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/images/core/border-dotted.svg
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/styles/main-1604397633.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-112.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e35e9964cae5632625a1256747b7862435fa65688f1eb5e1c8983907bc36f142

Request headers

Referer
https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/styles/main-1604397633.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 04:43:58 GMT
content-encoding
gzip
last-modified
Fri, 01 Mar 2019 09:21:42 GMT
server
AmazonS3
age
289330
etag
"f59556543a472c8cc21071d646b477e0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=630720000, no-transform, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
158
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amz-cf-id
x6MzgMfvK65C-WbuK7GqYXmnoRTnaT0G9yZQ4hDVzMfAWfODtNJDXQ==
newsletter-box-header.png
d1quwwdmdfumn6.cloudfront.net/t3n/2018/images/newsletter/
13 KB
13 KB
Image
General
Full URL
https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/images/newsletter/newsletter-box-header.png
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/styles/main-1604397633.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-112.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
452bb882c28b398f56200d764844f01dbc8f7c3ce5217e0abbf063a5c237649b

Request headers

Referer
https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/styles/main-1604397633.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 00:32:49 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified
Fri, 06 Mar 2020 12:55:45 GMT
server
AmazonS3
age
45199
etag
"3eaf63a123fcfc6fc889d2a23025e02d"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=630720000, no-transform, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
13331
x-amz-cf-id
77-D0HTMUk0hTQ41j2tcd3R4h9dSBNpIrEYaZHI9M9TfdGBgCdBuVw==
truncated
/
164 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
452a57881e3ccfc8c5b1b1216591714c70142299c42ba3769cdf9847fb0e56b8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
AGSKWxX13zmlWtbz7N7I9mc9sGXn_RkioNIQPV4o6vQFxJolm-QUynlbV3TPyQjd5fCOp3KG5DKRmCUjcEwR3VA2KrU=
fundingchoicesmessages.google.com/f/
81 KB
31 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX13zmlWtbz7N7I9mc9sGXn_RkioNIQPV4o6vQFxJolm-QUynlbV3TPyQjd5fCOp3KG5DKRmCUjcEwR3VA2KrU=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjA1MjcyNzY3LDYxMDAwMDAwXSwiQTg3NEFERjktMkQ2NC00ODFGLUI3RkQtRkRBRTYxODFGMTdFIiwiNzNBNTVDNzAtRjgwNy00QkE1LUI0N0MtMTE3NTA3OTI1ODg1IixudWxsLFtudWxsLFs3XV1d
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
437b7415c933cf7359c12548faeda447c7717739bea736d8cd546b5ca6e760c7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-stCZHAZ8b4yg5JbRqXhW/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-stCZHAZ8b4yg5JbRqXhW/w' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-stCZHAZ8b4yg5JbRqXhW/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-stCZHAZ8b4yg5JbRqXhW/w' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
date
Fri, 13 Nov 2020 13:06:07 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU7OFKslMcghtapxfqET0FD_p4mDUOIflwFxMr-VWvyA4P3Gptuyc8AUCbpAmCS2gc9DrWKJYgr2gagv4RnwLQ=
fundingchoicesmessages.google.com/l/
0
809 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxU7OFKslMcghtapxfqET0FD_p4mDUOIflwFxMr-VWvyA4P3Gptuyc8AUCbpAmCS2gc9DrWKJYgr2gagv4RnwLQ=?pvid=A874ADF9-2D64-481F-B7FD-FDAE6181F17E&anonid=73A55C70-F807-4BA5-B47C-117507925885
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.q3pN7AO3T6k.es5.O/d=1/ct=zgms/rs=AJlcJMzLdAvePp80WdpHNSYdg_y2h9nMFg/m=loader_js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ce1ApzZa6BVET3QZZtXUmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ce1ApzZa6BVET3QZZtXUmg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
x-content-type-options
nosniff
status
204
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://t3n.de
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-ce1ApzZa6BVET3QZZtXUmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ce1ApzZa6BVET3QZZtXUmg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
106 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-289892-8&cid=1334451741.1605272767&jid=965338375&_u=YEBAAAAAAAAAAC~&z=153607205
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 13:06:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-289892-8&cid=1334451741.1605272767&jid=965338375&_u=YEBAAAAAAAAAAC~&z=153607205
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 13:06:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api.t3n.de/ Frame
0
0
Other
General
Full URL
https://api.t3n.de/
Protocol
H2
Server
35.246.218.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.218.246.35.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
apollographql-client-name,content-type
Origin
https://t3n.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
204
date
Fri, 13 Nov 2020 13:06:07 GMT
x-powered-by
Express
access-control-allow-origin
https://t3n.de
vary
Origin, Access-Control-Request-Headers
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers
apollographql-client-name,content-type
/
api.t3n.de/
2 KB
943 B
Fetch
General
Full URL
https://api.t3n.de/
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.218.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.218.246.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
0b3f56dde948989b312dedf10ff2bfe93e83af72a90d28cb122a03c9aff54c9d

Request headers

apollographql-client-name
t3n-frontend
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
content-encoding
gzip
etag
W/"6b9-lhOP7KT0z2jHhN7LvHLGVjzmrb0"
status
200
x-powered-by
Express
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://t3n.de
access-control-allow-credentials
true
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame C7F7
0
0
Document
General
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-19.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/put.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1604992538.747282"
last-modified
Mon, 09 Nov 2020 09:45:24 GMT
server
AkamaiNetStorage
content-length
416
cache-control
max-age=345600
date
Fri, 13 Nov 2020 13:06:07 GMT
timing-allow-origin
*
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cookie
CheetahStaging=true
set-cookie
akacd_widgets_routing=1605272767~rv=5~id=34390ad69091c51d67d54f0b00156957; path=/; Expires=Fri, 13 Nov 2020 13:06:07 GMT; Secure; SameSite=None
dDNuLmRl
tcheck.outbrainimg.com/tcheck/check/
16 B
464 B
XHR
General
Full URL
https://tcheck.outbrainimg.com/tcheck/check/dDNuLmRl
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.84.57.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-57-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:07 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=32091
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
4c319a85ed4d1ec00a4e58a602a1a00c
Content-Length
16
Expires
Fri, 13 Nov 2020 22:00:58 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/
43 B
450 B
Image
General
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=5.140226267803136
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-19.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
status
200
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 13 Dec 2020 13:06:07 GMT
icon-arrow-down.svg
d1quwwdmdfumn6.cloudfront.net/t3n/2018/images/icons/
114 B
501 B
Image
General
Full URL
https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/images/icons/icon-arrow-down.svg
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/styles/main-1604397633.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-112.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf74996011e08e185fe0175a67d767ecae5c633aa30e37d8c559cda8774bc58b

Request headers

Referer
https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/styles/main-1604397633.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 14:53:03 GMT
content-encoding
gzip
last-modified
Fri, 01 Mar 2019 09:21:44 GMT
server
AmazonS3
age
252785
etag
"f903c8e4ebe462de5fd73e930400a088"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=630720000, no-transform, public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
123
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amz-cf-id
KmNtuddnfWgqbPY9r2x5LYnZTWsKSCHM62x9Z2anSFG8hc0xc_Ozpg==
abpc.js
abp.smartadcheck.de/js/
14 B
327 B
Script
General
Full URL
https://abp.smartadcheck.de/js/abpc.js?
Requested by
Host: js.smartredirect.de
URL: https://js.smartredirect.de/js/?h=8pk0393K
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.114.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-114-129.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
35bc4f7920357770636b9de74f8c70a59a3869cb68da4f77d6b64c288ffea5f0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Sep 2013 16:52:46 GMT
Server
Apache
ETag
"81007-e-4e61e73613380"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34
collect
www.google-analytics.com/
35 B
122 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&aip=1&a=1876059639&t=event&ni=0&_s=1&dl=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&ul=en-us&de=UTF-8&dt=Digitale%20Erpressung%3A%20Bekannte%20Ransomware-Gruppe%20will%20angeblich%20aufh%C3%B6ren&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RessortPageviews&ea=Software%20%26%20Infrastruktur&ev=100&_u=aEDAAAABAAAAAC~&jid=&gjid=&cid=1334451741.1605272767&tid=UA-289892-8&_gid=1537994848.1605272767&gtm=2wgb41MJGTHP&z=1015643417
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 09:07:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
14293
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&aip=1&a=1876059639&t=event&ni=0&_s=1&dl=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&ul=en-us&de=UTF-8&dt=Digitale%20Erpressung%3A%20Bekannte%20Ransomware-Gruppe%20will%20angeblich%20aufh%C3%B6ren&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=TagPageviews&ea=cybercrime&ev=100&_u=aEDAAAABAAAAAC~&jid=&gjid=&cid=1334451741.1605272767&tid=UA-289892-8&_gid=1537994848.1605272767&gtm=2wgb41MJGTHP&z=2131861099
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 09:07:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
14293
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&aip=1&a=1876059639&t=event&ni=0&_s=1&dl=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&ul=en-us&de=UTF-8&dt=Digitale%20Erpressung%3A%20Bekannte%20Ransomware-Gruppe%20will%20angeblich%20aufh%C3%B6ren&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=NodeIdentifierViews&ea=d6701838-9096-4b9c-acf7-f10dc067aae2&ev=100&_u=aEDAAAABAAAAAC~&jid=&gjid=&cid=1334451741.1605272767&tid=UA-289892-8&_gid=1537994848.1605272767&gtm=2wgb41MJGTHP&z=1507055091
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 09:07:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
14293
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/
192 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80095106b900dfcf3ec48a74f9d1ba439bb38075c7a5370bcae1348502a2099a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
t3n-headercampaign-a.png
storage.googleapis.com/t3n-media/
58 KB
59 KB
Image
General
Full URL
https://storage.googleapis.com/t3n-media/t3n-headercampaign-a.png
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f69f37b5111b52aa04d2681be453d6010b8f86449bb9a44aff6413eb0c7b6d18

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 12:14:52 GMT
age
3075
x-guploader-uploadid
ABg5-UyM-7YIWk6yk6nmTam_dilI5qXSSfhoC_B8g-tGunMYGfO_y8SOsgZOGjeblkPJZ1Nq_bw8hmOZkMndA-n6WQEk-uCBqw
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59340
last-modified
Fri, 06 Nov 2020 09:36:49 GMT
server
UploadServer
etag
"f90d2679915758c39ad7321c56f90b3f"
x-goog-hash
crc32c=KoLzpQ==, md5=+Q0meZFXWMOa1zIcVvkLPw==
x-goog-generation
1604655409561594
cache-control
public, max-age=3600
x-goog-stored-content-length
59340
accept-ranges
bytes
content-type
image/png
expires
Fri, 13 Nov 2020 13:14:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/main-1604397633.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
cafe
etag
12302490219791743052
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Nov 2020 13:06:07 GMT
widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame E791
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Ft3n.de
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=5.5.3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/41A9) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
195727
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 13 Nov 2020 13:06:07 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Thu, 01 Oct 2020 21:50:01 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/41A9)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
5825
ad.gif
api-18-185-124-12.b2c.com/api/
43 B
132 B
Image
General
Full URL
https://api-18-185-124-12.b2c.com/api/ad.gif
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d014:c09:7602:6575:8072:5ae8:ba76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 13 Nov 2020 13:06:07 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-length
43
content-type
image/gif
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
325 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1605272767380&sessionId=5b0692fb-8f3e-09f0-9209-da910af53ce9&url=t3n.de&cheqSource=1&cheqEvent=0&exitReason=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:07 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
62c9d6e97e7461e1ebc24fd135c7cde2
Content-Length
4
Expires
0
horizon_tweet.716ef7f4c155526f8ec8e60dbd2fbf56.js
platform.twitter.com/js/
6 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/horizon_tweet.716ef7f4c155526f8ec8e60dbd2fbf56.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=5.5.3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4188) /
Resource Hash
b8e8fe9b8ca280dc3c982691064e62ba97c8f2c192a17dfe74430c7cf73cb4de

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Oct 2020 21:49:51 GMT
Server
ECS (fcn/4188)
Age
217313
Etag
"15d6bf68a8d65b293e52ddc833724ed4+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2195
/
api.t3n.de/
29 B
235 B
Fetch
General
Full URL
https://api.t3n.de/
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/main-1604397633.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.218.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.218.246.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
a19929780fe4560296a811a4270c742ca8cc94393700b467d148e53a26f72435

Request headers

apollographql-client-name
t3n-frontend
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
apollographql-client-version
1.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
status
200
x-powered-by
Express
etag
W/"1d-YDUHKYlC60rl+3RZstBx9EeWHD0"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://t3n.de
access-control-allow-credentials
true
content-length
29
/
api.t3n.de/ Frame
0
0
Other
General
Full URL
https://api.t3n.de/
Protocol
H2
Server
35.246.218.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.218.246.35.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
apollographql-client-name,apollographql-client-version,content-type
Origin
https://t3n.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
204
date
Fri, 13 Nov 2020 13:06:07 GMT
x-powered-by
Express
access-control-allow-origin
https://t3n.de
vary
Origin, Access-Control-Request-Headers
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers
apollographql-client-name,apollographql-client-version,content-type
/
www.facebook.com/tr/
0
99 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryvGiMORLrt103UKmO

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Fri, 13 Nov 2020 13:06:07 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://t3n.de
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
integrator.js
adservice.google.de/adsid/
109 B
803 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=t3n.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 13:06:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
803 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=t3n.de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 13:06:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
205 KB
36 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3731503554827070&correlator=1181014331963787&output=ldjh&impl=fifs&eid=21068614%2C21068701%2C21068728%2C21068735%2C21067448%2C21068107%2C21068418&vrg=2020111001&guci=1.1.0.4.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201113&iu_parts=1040011%2CDesktop_News_Artikel%2Cp2%2Cp1%2Cp0%2Cp3%2Cp4%2Cp5%2Cp6%2Cp7%2Cp8%2Cp14%2Cp15&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11%2C%2F0%2F1%2F12&prev_iu_szs=300x600%7C200x600%7C160x600%7C120x600%7C160x1%2C970x250%7C728x90%7C970x90%7C940x92%7C800x250%7C970x2%2C728x90%7C970x90%7C970x1%2C300x250%7C300x125%7C300x400%7C300x1%2C320x50%7C620x640%7C620x250%7C620x680%7C940x700%7C300x250%7C336x280%7C620x204%7C620x1%7C620x175%2C300x250%7C300x125%7C300x400%7C300x600%7C300x2%2C620x640%7C620x680%7C940x700%7C300x250%7C336x280%7C620x2%7C620x175%2C300x250%7C300x3%2C320x50%7C300x250%7C336x280%7C620x3%7C620x175%2C970x250%7C728x90%7C970x90%7C940x92%7C800x250%7C970x3%2C1x1&fluid=0%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2Cheight%2C0%2C0&prev_scp=%7C%7C%7C%7C%7C%7Chb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.10%26hb_adid%3D124419b536d8e12c%26hb_bidder%3Drubicon%7C%7C%7C%7C&eri=1&cust_params=hostname%3Dt3n.de%26pathname%3D%252Fnews%252Fmaze-ransomware-gruppe-erpressung-%26pagetype%3Dnews-post%26login_status%3Dnologin%26dfptest%3D%26ressort%3Dsoftware-infrastruktur%26articletype%3Dnews%26tags%3D%26identifier%3Dnews-article-1332843%26user_source%3Dorganic&cookie_enabled=1&bc=31&abxe=1&lmt=1605272767&dt=1605272767466&dlt=1605272766545&idt=348&frm=20&biw=1600&bih=1200&oid=3&adxs=1290%2C315%2C310%2C970%2C330%2C970%2C330%2C970%2C330%2C310%2C310&adys=1%2C280%2C0%2C1331%2C1109%2C1331%2C1825%2C1331%2C2028%2C2438%2C3701&adks=2147751538%2C462564095%2C2938280721%2C805976144%2C965366631%2C1866715263%2C31547959%2C3632381497%2C1595331473%2C2969373576%2C347925868&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x4092%7C980x4092%7C980x4367%7C300x1836%7C620x1453%7C300x1836%7C620x1453%7C300x1836%7C620x1453%7C980x4092%7C980x4092&msz=300x600%7C980x260%7C728x90%7C300x270%7C620x680%7C300x270%7C620x680%7C300x270%7C300x290%7C970x250%7C1x1&ga_vid=1334451741.1605272767&ga_sid=1605272767&ga_hid=1876059639&fws=128%2C128%2C128%2C128%2C128%2C128%2C128%2C128%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
ce7aa5ebeaaa90c7c409ce27cce4d8b51f554d51a16ed093b221b917af0fe937
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36133
x-xss-protection
0
google-lineitem-id
5312005642,5312339408,5312005642,5534538858,5528589289,-1,-1,5535283647,5453437363,5536655174,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138304155137,138304121319,138304155140,138330637576,138329243031,-1,-1,138330366050,138325665329,138330356801,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://t3n.de
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ea179d232783a679643b61dbb74c2854.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://ea179d232783a679643b61dbb74c2854.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

macos-11-big-sur-hero.jpg
assets.t3n.sc/news/wp-content/uploads/2020/11/
8 KB
9 KB
Image
General
Full URL
https://assets.t3n.sc/news/wp-content/uploads/2020/11/macos-11-big-sur-hero.jpg?ixlib=js-2.3.2&w=200&h=125&fit=crop
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.94 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
94.14.190.35.bc.googleusercontent.com
Software
shield /
Resource Hash
085240945b70769b7ee0f7e518aa54a55969a1f139e6e8866b95ffea675bdd91
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
via
1.1 google
x-content-type-options
nosniff
age
35108
x-cache
MISS, HIT
status
200
x-shield-request-id
e5461f72b27699535fde0270f28d48b0
x-imgix-id
79a7eca7a5d022477280673a12cabf25fee60d34
alt-svc
clear
content-length
8560
x-served-by
cache-sjc10083-SJC, cache-hkg17927-HKG
last-modified
Wed, 11 Nov 2020 04:38:39 GMT
server
shield
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=172800
accept-ranges
bytes
ios-14-hands-on-hero.jpg
assets.t3n.sc/news/wp-content/uploads/2020/06/
11 KB
12 KB
Image
General
Full URL
https://assets.t3n.sc/news/wp-content/uploads/2020/06/ios-14-hands-on-hero.jpg?ixlib=js-2.3.2&w=200&h=125&fit=crop
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.94 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
94.14.190.35.bc.googleusercontent.com
Software
shield /
Resource Hash
d05915b2e878b6e5f034902f98817e19a89b743597c293c07ef7020c1c28f4ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
via
1.1 google
x-content-type-options
nosniff
age
6810
x-cache
HIT, MISS
status
200
x-shield-request-id
aa5377279b3339e33f7aa79108d08891
x-imgix-id
ecd3333c67f1679972f587c5de4c7a88f98e02f2
alt-svc
clear
content-length
11645
x-served-by
cache-sjc10056-SJC, cache-hkg17921-HKG
last-modified
Tue, 10 Nov 2020 13:23:52 GMT
server
shield
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=172800
accept-ranges
bytes
Telegram-Whatsapp-Signal-Messenger-Shutterstock.jpg
assets.t3n.sc/news/wp-content/uploads/2020/11/
12 KB
12 KB
Image
General
Full URL
https://assets.t3n.sc/news/wp-content/uploads/2020/11/Telegram-Whatsapp-Signal-Messenger-Shutterstock.jpg?ixlib=js-2.3.2&w=200&h=125&fit=crop
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.94 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
94.14.190.35.bc.googleusercontent.com
Software
shield /
Resource Hash
1ca98f82c963e02b621134ada56deb5e1f46933bd374124c75920b1ff79f5fc6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
via
1.1 google
x-content-type-options
nosniff
age
103297
x-cache
HIT, HIT
status
200
x-shield-request-id
244eced50f413b0f36059da8275ffbd7
x-imgix-id
373bc7e82973a8f3a64d3b1bfa02cfaffc68dbcc
alt-svc
clear
content-length
12518
x-served-by
cache-sjc10080-SJC, cache-hkg17932-HKG
last-modified
Wed, 11 Nov 2020 20:21:59 GMT
server
shield
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=172800
accept-ranges
bytes
get
odb.outbrain.com/utils/
34 KB
12 KB
Script
General
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&srcUrl=https%3A%2F%2Ft3n.de%2Frss.xml&idx=0&rand=29353&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=310&py=2957&vpd=1757&settings=true&recs=true&version=2000118&sig=uK3PZ7q2&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c19e1bd778f00b0430507db5679c8ada1183e35491cfc9bdabc2976ee0a7dde

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
content-encoding
gzip
traffic-path
CHIDC2, MDW, FRA, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status
200
x-cache-hits
0, 0
x-traceid
6362383e9c47f9046a6a13cc2150deb5
content-length
11823
x-served-by
cache-mdw17334-MDW, cache-fra19146-FRA
pragma
no-cache
x-timer
S1605272768.586052,VS0,VE256
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
backend-ip
157.52.75.34
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
index.html
platform.twitter.com/embed/ Frame 35E5
0
0
Document
General
Full URL
https://platform.twitter.com/embed/index.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1323204004248211457&lang=de&origin=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&siteScreenName=t3n&theme=light&widgetsVersion=ed20a2b%3A1601588405575&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=5.5.3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4195) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1455
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Fri, 13 Nov 2020 13:06:07 GMT
Etag
"b6679b935ee618eb128ac61f46914f91"
Last-Modified
Tue, 10 Nov 2020 23:59:24 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/4195)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
577
4
api-18-185-124-12.b2c.com/api/
Redirect Chain
  • https://api-18-185-124-12.b2c.com/api/x?pI4kzSzOkLdFFUqq$dXJsJDAkaHR0cHM6Ly90M24uZGUvbmV3cy9tYXplLXJhbnNvbXdhcmUtZ3J1cHBlLWVycHJlc3N1bmctMTMzMjg0My8iLCJyZWZlcnJlciQwJCIsImFuY2VzdG9yT3JpZ2lucyQwJCIs...
  • https://api-18-185-124-12.b2c.com:444/api/4?pI4kzSzOkLdFFUqq
43 B
286 B
XHR
General
Full URL
https://api-18-185-124-12.b2c.com:444/api/4?pI4kzSzOkLdFFUqq
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.124.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 13:06:07 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43
expires
-1

Redirect headers

date
Fri, 13 Nov 2020 13:06:07 GMT
server
openresty
status
302
location
https://api-18-185-124-12.b2c.com:444/api/4?pI4kzSzOkLdFFUqq
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
https://t3n.de
access-control-allow-credentials
true
content-length
142
publishertag.prebid.js
static.criteo.net/js/ld/
74 KB
24 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 09:20:41 GMT
server
nginx
etag
W/"5f8eabe9-12977"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sat, 14 Nov 2020 13:06:07 GMT
publishertag.prebid.js
static.criteo.net/js/ld/
74 KB
24 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 09:20:41 GMT
server
nginx
etag
W/"5f8eabe9-12977"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sat, 14 Nov 2020 13:06:07 GMT
ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/
7 KB
7 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-19.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
last-modified
Sun, 11 Oct 2020 11:38:31 GMT
server
AkamaiNetStorage
etag
"f370d19306add072a726e7f4ade8dc57:1602418196.55007"
status
200
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*
content-length
7090
expires
Sun, 13 Dec 2020 13:06:07 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/
3 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-19.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
last-modified
Wed, 14 Oct 2020 08:08:54 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1602663139.008777"
status
200
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*
content-length
2735
expires
Sun, 13 Dec 2020 13:06:07 GMT
l
mcdp-chidc2.outbrain.com/
2 B
292 B
XHR
General
Full URL
https://mcdp-chidc2.outbrain.com/l?token=a335ed066c82a43430a2a42ee5ad1904_3994_1605272767776&tm=665&eT=0&widgetWidth=980&widgetHeight=664&widgetX=310&widgetY=3097&tpcs=0&wRV=2000118&pVis=1&lsd=714c46d3-bd43-414b-9b8a-2d2801626e72&eIdx=&cheq=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.159 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Fri, 13 Nov 2020 13:06:08 GMT
content-encoding
gzip
X-TraceId
38dfdac578eb65593393643e18661e46
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
vidget.js
libs.outbrain.com/vidget/
197 KB
47 KB
Script
General
Full URL
https://libs.outbrain.com/vidget/vidget.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-19.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
09ba12308b22bb01c21fe565ef98739ba95103bcc58c54f7a91269bd53f48352

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
content-encoding
gzip
status
200
pragma
no-cache
last-modified
Wed, 11 Nov 2020 17:14:02 GMT
server
AkamaiNetStorage
etag
"d9c52e230e768876d2110e974e00e231:1605115118.076886"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 13 Nov 2020 13:06:07 GMT
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 1AC2
0
0
Document
General
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-19.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/widgetOBUserSync/obUserSync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
recs_9b59cfb420ea486b00a3470f7330276f=0B3140329159A3148858166A3149680949A3146587738A3120627138A3140456339ACD1; obuid=714c46d3-bd43-414b-9b8a-2d2801626e72

Response headers

status
200
accept-ranges
bytes
content-type
text/html
etag
"a1f73e1b978aa1f38293096b4758376b:1603608267.752085"
last-modified
Sun, 25 Oct 2020 06:44:17 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=86400
expires
Sat, 14 Nov 2020 13:06:07 GMT
date
Fri, 13 Nov 2020 13:06:07 GMT
content-length
4466
timing-allow-origin
*
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cookie
CheetahStaging=true
set-cookie
akacd_widgets_routing=1605272767~rv=65~id=3f07cf28f762251c0cc5794bdd48a2d4; path=/; Expires=Fri, 13 Nov 2020 13:06:07 GMT; Secure; SameSite=None
streamFeed.js
widgets.outbrain.com/nanoWidget/2000118/module/
45 KB
15 KB
Script
General
Full URL
https://widgets.outbrain.com/nanoWidget/2000118/module/streamFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-19.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
938a7999859b0e95cf47e203b32cf9cb433e2481b1da869cdfe90dd66920c301

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
content-encoding
gzip
status
200
cookie
CheetahStaging=true
content-length
14940
last-modified
Mon, 09 Nov 2020 09:45:24 GMT
server
AkamaiNetStorage
etag
"a7382431ccfbba99ccd0dd5c8d176ce8:1604992452.109924"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=345600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
eyJpdSI6IjQwOGYwN2VhZDE1ZTU2ZjUzY2Q2MTQ4NjhiYjIzZDZhZWUzNGQ3NzA0Y2RkYzViNTBiMzVkMmUzOTJhYjY5MDkiLCJ3IjozMDAsImgiOjE3MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
49 KB
50 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQwOGYwN2VhZDE1ZTU2ZjUzY2Q2MTQ4NjhiYjIzZDZhZWUzNGQ3NzA0Y2RkYzViNTBiMzVkMmUzOTJhYjY5MDkiLCJ3IjozMDAsImgiOjE3MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.57.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-57-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7e66005428e7407c16a6c049ebcf7997f02913d0496397d5661a7e93c9513ef0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
last-modified
Tue, 03 Nov 2020 21:26:15 GMT
content-type
image/webp
status
200
cache-control
max-age=1629934
x-traceid
6762fe1f2afd8db3a763ec7ce1a01314
timing-allow-origin
*
content-length
50466
eyJpdSI6IjI4YTRhZDk2ZjBkNWZjMDQxOTVjN2E4YTFhNjgwODk1ZjQxNTBhZmYwOGYyZGNiM2Q2YTI5N2I5Mjg5ZjMyYmIiLCJ3IjozMDAsImgiOjE3MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
20 KB
20 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI4YTRhZDk2ZjBkNWZjMDQxOTVjN2E4YTFhNjgwODk1ZjQxNTBhZmYwOGYyZGNiM2Q2YTI5N2I5Mjg5ZjMyYmIiLCJ3IjozMDAsImgiOjE3MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.57.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-57-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2ac6e1ef17b9e4912e52757f4540748de6639b51b2c95b05e18d3dc1c5ce3218

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
last-modified
Tue, 10 Nov 2020 11:23:26 GMT
content-type
image/webp
status
200
cache-control
max-age=2198278
x-traceid
e11206930ebbf3d60bd6a7f2af292961
timing-allow-origin
*
content-length
20764
eyJpdSI6ImNhNDk2ODYyNzE3N2FjZmIxNjY0M2NiNDg4YWQzNDYwZjZjY2FkODY4MzVlNWM2YTlhYzIxNDBlNTM1Y2VmOTYiLCJ3IjozMDAsImgiOjE3MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
19 KB
20 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNhNDk2ODYyNzE3N2FjZmIxNjY0M2NiNDg4YWQzNDYwZjZjY2FkODY4MzVlNWM2YTlhYzIxNDBlNTM1Y2VmOTYiLCJ3IjozMDAsImgiOjE3MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.57.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-57-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
feed48677b58d6facc717e5f57c4eafc4ed8e630536c56bbc460131c4cae3836

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
last-modified
Tue, 10 Nov 2020 20:38:02 GMT
content-type
image/webp
status
200
cache-control
max-age=2231795
x-traceid
f50ae146daf3a835a9b4f8d328626783
timing-allow-origin
*
content-length
19796
eyJpdSI6ImQzY2VlZGJjNThmZWMxOTFlM2UwMjYxZmY0YzQzYmFhMTlkNmQzZjVjOGFmMWY5ZWU2MjMyMzgwMjNjMzVjYzMiLCJ3IjozMDAsImgiOjE3MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
14 KB
14 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImQzY2VlZGJjNThmZWMxOTFlM2UwMjYxZmY0YzQzYmFhMTlkNmQzZjVjOGFmMWY5ZWU2MjMyMzgwMjNjMzVjYzMiLCJ3IjozMDAsImgiOjE3MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.57.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-57-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
021169ebc0e02e3be2756e4d082e6f2d1922be182e6fbee31e0bd6569cbec49a

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
last-modified
Mon, 09 Nov 2020 09:53:41 GMT
content-type
image/webp
status
200
cache-control
max-age=2106018
x-traceid
c7285116407067d31c33389fbf801488
timing-allow-origin
*
content-length
14262
eyJpdSI6ImZlYjljY2YyNmRmNjQ0ZTgyNTEwYzE5N2VkNDg1OGI0ODYzY2NiMWQ5ODE5MjZkZTYzOTcxZGUxZjU2MTM0NjYiLCJ3IjozMDAsImgiOjE3MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
36 KB
36 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZlYjljY2YyNmRmNjQ0ZTgyNTEwYzE5N2VkNDg1OGI0ODYzY2NiMWQ5ODE5MjZkZTYzOTcxZGUxZjU2MTM0NjYiLCJ3IjozMDAsImgiOjE3MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.57.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-57-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b754e9e9d575b12c49b4aa85613a7e27735a49a1560a0b5077f337b9202f548

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
last-modified
Fri, 23 Oct 2020 12:23:33 GMT
content-type
image/webp
status
200
cache-control
max-age=1147254
x-traceid
251aab719fbafa9eff523c38eb1c4771
timing-allow-origin
*
content-length
37004
eyJpdSI6ImEyYTg2ZDJmNTU5NDkzOTI2OWI3NGE3MDQ3NTUzZTBiODFjMmM1ZGViNGIxMmNjMzM2MWQwYmYyODY5MTBhMDEiLCJ3IjozMDAsImgiOjE3MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
4 KB
4 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImEyYTg2ZDJmNTU5NDkzOTI2OWI3NGE3MDQ3NTUzZTBiODFjMmM1ZGViNGIxMmNjMzM2MWQwYmYyODY5MTBhMDEiLCJ3IjozMDAsImgiOjE3MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.57.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-57-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bebb509b97516dec0954874b2f540c5e6997c85c833198d3599069926a61c27c

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:07 GMT
last-modified
Fri, 06 Nov 2020 08:53:13 GMT
content-type
image/webp
status
200
cache-control
max-age=1843575
x-traceid
d28114630a06c2924ecf870941d83429
timing-allow-origin
*
content-length
4404
get
mv.outbrain.com/Multivac/api/
23 KB
7 KB
Script
General
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&settings=true&recs=true&widgetJSId=AR_1&key=NANOWDGT01&version=2000118&apv=true&sig=uK3PZ7q2&format=html&rand=77358&lsd=714c46d3-bd43-414b-9b8a-2d2801626e72&lsdt=1605272767854&pdobuid=0&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&srcUrl=https%3A%2F%2Ft3n.de%2Frss.xml&scrW=1600&scrH=1200&t=YTMzNWVkMDY2YzgyYTQzNDMwYTJhNDJlZTVhZDE5MDQ=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=no_abtest&pcer=p%3DZ3XFcaco1kmN-Gp0AuJ--Hbi2IQEDepMy3eFdYxpt1s%26c%3Ddf1a3bab%26v%3D3&dpr=1&wdr-natlaz=true
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000118/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b6c2a4b44e451b3c6f760a09d03196d6b09ffbae31c1fe0d7c554ea9331a5f55

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
content-encoding
gzip
traffic-path
CHIDC2, MDW, FRA, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status
200
x-cache-hits
0, 0
x-traceid
de05c021f56424300c3fc5e36ceee97
content-length
6607
x-served-by
cache-mdw17339-MDW, cache-fra19146-FRA
pragma
no-cache
x-timer
S1605272768.947568,VS0,VE185
vary
Accept-Encoding, User-Agent
content-type
application/json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
backend-ip
157.52.75.39
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
textad1.
fundingchoicesmessages.google.com/f/AGSKWxUi4uIfn8T24k4nd_jF6acBXh3-yMsEbBaMoVKisA5aPRfRWK8YSbbUTg_wlWHzxwAmf6sf1Aegnv89gFiaqD2wq4_jy3XlmXESnXY_vy3e03Po8fH-lY2irCYFU9cFrg96_hYgXSEKBgt7exoybuia9XIIJ...
54 B
423 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUi4uIfn8T24k4nd_jF6acBXh3-yMsEbBaMoVKisA5aPRfRWK8YSbbUTg_wlWHzxwAmf6sf1Aegnv89gFiaqD2wq4_jy3XlmXESnXY_vy3e03Po8fH-lY2irCYFU9cFrg96_hYgXSEKBgt7exoybuia9XIIJnp-jJA4r3JqZpkeYSWhVR8GQFRf4DI1hQsbZ0-zr7pr5lJ_lQ6WE7mdqcRnphoTyLxCOGnVnKwspxPdUxk=/_&video_ads_/adwolf.=adView&.hk/ads//textad1.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.wBjfIzn0m4g.es5.O/d=1/ct=zgms/rs=AJlcJMwILjwnBkCLqlx0ou_G--c1eCj0gg/m=detection
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
618986258db585c2e2439db6c697a0831caf4999236fc7994f2ebeabc553605e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Y7ujskSGpkeZfFiLq7xVPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Y7ujskSGpkeZfFiLq7xVPA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-Y7ujskSGpkeZfFiLq7xVPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Y7ujskSGpkeZfFiLq7xVPA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
date
Fri, 13 Nov 2020 13:06:07 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/
52 KB
21 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.wBjfIzn0m4g.es5.O/d=1/ct=zgms/rs=AJlcJMwILjwnBkCLqlx0ou_G--c1eCj0gg/m=detection
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2c54508e244fad6d1019ab0484369bb6712eb1d7b09ee97f9f2a742b72b707e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 12:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
546
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
20658
x-xss-protection
0
server
cafe
etag
3049979879964453995
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Nov 2020 13:57:01 GMT
AGSKWxWaRP804_sFyjq6ernXT1kChF5ohPHLnGgmWthlzgUBwIVPWqMO_HjaYZQSmYOD3YgWcQ-wQSRFRNmdVleQQnRuYA3ndGdQEj5qYXAzoY4_GiOe53AEp4nHACzu9phCTgIF0j6PioWWDjrsG6mSgxfIwzG9hn7KmAsjh8XyoeDVC7Q_nP1BXeSzdGz0
fundingchoicesmessages.google.com/l/
0
349 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxWaRP804_sFyjq6ernXT1kChF5ohPHLnGgmWthlzgUBwIVPWqMO_HjaYZQSmYOD3YgWcQ-wQSRFRNmdVleQQnRuYA3ndGdQEj5qYXAzoY4_GiOe53AEp4nHACzu9phCTgIF0j6PioWWDjrsG6mSgxfIwzG9hn7KmAsjh8XyoeDVC7Q_nP1BXeSzdGz0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.wBjfIzn0m4g.es5.O/d=1/ct=zgms/rs=AJlcJMwILjwnBkCLqlx0ou_G--c1eCj0gg/m=detection
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KyZERxZ4+czfZexjU+0iWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-KyZERxZ4+czfZexjU+0iWg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
x-content-type-options
nosniff
status
204
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://t3n.de
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-KyZERxZ4+czfZexjU+0iWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-KyZERxZ4+czfZexjU+0iWg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
getDocFeatures
videoclientsservicescalls.outbrain.com/
986 B
687 B
Script
General
Full URL
https://videoclientsservicescalls.outbrain.com/getDocFeatures?docId=3134808366&pubId=3994&callback=OB_VidgetServiceCallBack0
Requested by
Host: libs.outbrain.com
URL: https://libs.outbrain.com/vidget/vidget.js?e=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
106f05a65b6cafb13b82c0ae37d3d8bcf0efe2d6213884467f79849ee584a7b9

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:11 GMT
Content-Encoding
gzip
ETag
W/"3da-3o/2lUfb6k/mrhEogfW4ekObADM"
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Connection
close
X-TraceId
5aacc17af11914defe662aacab45d347
AGSKWxWaRP804_sFyjq6ernXT1kChF5ohPHLnGgmWthlzgUBwIVPWqMO_HjaYZQSmYOD3YgWcQ-wQSRFRNmdVleQQnRuYA3ndGdQEj5qYXAzoY4_GiOe53AEp4nHACzu9phCTgIF0j6PioWWDjrsG6mSgxfIwzG9hn7KmAsjh8XyoeDVC7Q_nP1BXeSzdGz0
fundingchoicesmessages.google.com/l/
0
348 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxWaRP804_sFyjq6ernXT1kChF5ohPHLnGgmWthlzgUBwIVPWqMO_HjaYZQSmYOD3YgWcQ-wQSRFRNmdVleQQnRuYA3ndGdQEj5qYXAzoY4_GiOe53AEp4nHACzu9phCTgIF0j6PioWWDjrsG6mSgxfIwzG9hn7KmAsjh8XyoeDVC7Q_nP1BXeSzdGz0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.wBjfIzn0m4g.es5.O/d=1/ct=zgms/rs=AJlcJMwILjwnBkCLqlx0ou_G--c1eCj0gg/m=detection
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AEEsPMWX5TgFFzQO30kYVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-AEEsPMWX5TgFFzQO30kYVQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
x-content-type-options
nosniff
status
204
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://t3n.de
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-AEEsPMWX5TgFFzQO30kYVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-AEEsPMWX5TgFFzQO30kYVQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWaRP804_sFyjq6ernXT1kChF5ohPHLnGgmWthlzgUBwIVPWqMO_HjaYZQSmYOD3YgWcQ-wQSRFRNmdVleQQnRuYA3ndGdQEj5qYXAzoY4_GiOe53AEp4nHACzu9phCTgIF0j6PioWWDjrsG6mSgxfIwzG9hn7KmAsjh8XyoeDVC7Q_nP1BXeSzdGz0
fundingchoicesmessages.google.com/l/
0
370 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxWaRP804_sFyjq6ernXT1kChF5ohPHLnGgmWthlzgUBwIVPWqMO_HjaYZQSmYOD3YgWcQ-wQSRFRNmdVleQQnRuYA3ndGdQEj5qYXAzoY4_GiOe53AEp4nHACzu9phCTgIF0j6PioWWDjrsG6mSgxfIwzG9hn7KmAsjh8XyoeDVC7Q_nP1BXeSzdGz0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.wBjfIzn0m4g.es5.O/d=1/ct=zgms/rs=AJlcJMwILjwnBkCLqlx0ou_G--c1eCj0gg/m=detection
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DhLwW/80CLbU0RJZc3Beiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-DhLwW/80CLbU0RJZc3Beiw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
x-content-type-options
nosniff
status
204
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://t3n.de
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-DhLwW/80CLbU0RJZc3Beiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-DhLwW/80CLbU0RJZc3Beiw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUouFX-srOUg85ixiCaUdhdYEptvaCpU345fq7f-RmvZ37AJjpDhXXfoZcgx-2bZoAkW50KprS0sHKeuuZexEOZyNrDjUb2pwsN9kTHIZhI5oLh6jJLzVU9_hvyL57yNsDN0z_ubgLDMUKEGSRcxH-062ZxhEc618VHjGyEZ-IUKM0DdtrNXlag6CxX
fundingchoicesmessages.google.com/f/
63 KB
24 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUouFX-srOUg85ixiCaUdhdYEptvaCpU345fq7f-RmvZ37AJjpDhXXfoZcgx-2bZoAkW50KprS0sHKeuuZexEOZyNrDjUb2pwsN9kTHIZhI5oLh6jJLzVU9_hvyL57yNsDN0z_ubgLDMUKEGSRcxH-062ZxhEc618VHjGyEZ-IUKM0DdtrNXlag6CxX?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjA1MjcyNzY4LDkwMDAwMDBdLG51bGwsbnVsbCxudWxsLFsxLFs3LDZdXV0
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b5fd660b9afd433d3d8010200c8ad97c44dd99ef73fc18b42441b5159e1b7ac4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tjhBXQobW1q/RWz8zP/nDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tjhBXQobW1q/RWz8zP/nDg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-tjhBXQobW1q/RWz8zP/nDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tjhBXQobW1q/RWz8zP/nDg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
date
Fri, 13 Nov 2020 13:06:08 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWaRP804_sFyjq6ernXT1kChF5ohPHLnGgmWthlzgUBwIVPWqMO_HjaYZQSmYOD3YgWcQ-wQSRFRNmdVleQQnRuYA3ndGdQEj5qYXAzoY4_GiOe53AEp4nHACzu9phCTgIF0j6PioWWDjrsG6mSgxfIwzG9hn7KmAsjh8XyoeDVC7Q_nP1BXeSzdGz0
fundingchoicesmessages.google.com/l/
0
348 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxWaRP804_sFyjq6ernXT1kChF5ohPHLnGgmWthlzgUBwIVPWqMO_HjaYZQSmYOD3YgWcQ-wQSRFRNmdVleQQnRuYA3ndGdQEj5qYXAzoY4_GiOe53AEp4nHACzu9phCTgIF0j6PioWWDjrsG6mSgxfIwzG9hn7KmAsjh8XyoeDVC7Q_nP1BXeSzdGz0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.wBjfIzn0m4g.es5.O/d=1/ct=zgms/rs=AJlcJMwILjwnBkCLqlx0ou_G--c1eCj0gg/m=detection
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lqHT6jjdV+Zs4S/ozm8Sjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-lqHT6jjdV+Zs4S/ozm8Sjg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
x-content-type-options
nosniff
status
204
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://t3n.de
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-lqHT6jjdV+Zs4S/ozm8Sjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-lqHT6jjdV+Zs4S/ozm8Sjg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
l
mcdp-chidc2.outbrain.com/
2 B
292 B
XHR
General
Full URL
https://mcdp-chidc2.outbrain.com/l?token=863eb6392a275e415eddb990bd96d46b_3994_1605272768061&tm=954&eT=0&widgetWidth=980&widgetHeight=341&widgetX=310&widgetY=3781&wRV=2000118&pVis=0&lsd=714c46d3-bd43-414b-9b8a-2d2801626e72&eIdx=&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.159 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Fri, 13 Nov 2020 13:06:08 GMT
content-encoding
gzip
X-TraceId
5ea481d4b44a6b011b530b3624bfc34a
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
eyJpdSI6IjllNzFlMWEzZjVlMjljNjJmNmM1NDAxMjk4NDJkMDJkMDM3ZjNkMWJmNjFmZTdmY2JlZGIwZTMxZjE2MjNhOTciLCJ3Ijo2MDAsImgiOjM0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
7 KB
8 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjllNzFlMWEzZjVlMjljNjJmNmM1NDAxMjk4NDJkMDJkMDM3ZjNkMWJmNjFmZTdmY2JlZGIwZTMxZjE2MjNhOTciLCJ3Ijo2MDAsImgiOjM0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.57.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-57-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d0a3bce0ecaaefcab678d788b667e77b2852ca45ff3c70a90f789223416ab874

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
last-modified
Tue, 10 Nov 2020 19:39:35 GMT
content-type
image/webp
status
200
cache-control
max-age=2227523
x-traceid
dcec5a6af97f0c328d33ca96511ac02
timing-allow-origin
*
content-length
7618
eyJpdSI6IjBjZjdiODFlODAzNzA1NDU2YmZhZTEyMWIyYTY3YzczMDZmMGMzNjgyMzA2NjJhZmJhODI3N2Q2MTQ3MWI1MTAiLCJ3Ijo2MDAsImgiOjM0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
51 KB
51 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBjZjdiODFlODAzNzA1NDU2YmZhZTEyMWIyYTY3YzczMDZmMGMzNjgyMzA2NjJhZmJhODI3N2Q2MTQ3MWI1MTAiLCJ3Ijo2MDAsImgiOjM0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.57.205 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-57-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a308d2f5e313eb75b2a3fe28a58e52f54e2e184116633d8905834b7fd17553db

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
last-modified
Thu, 12 Nov 2020 20:22:22 GMT
content-type
image/webp
status
200
cache-control
max-age=2402535
x-traceid
20cbb540100e7cc6917449ba951bec90
timing-allow-origin
*
content-length
52182
/
js.smartredirect.de/affiliatemarker/
28 B
266 B
Script
General
Full URL
https://js.smartredirect.de/affiliatemarker/?urls=%5B%5B%22getpocket.com%22%2C98166%5D%2C%5B%22t.co%22%2C98912%5D%2C%5B%22techcrunch.com%22%2C75406%5D%2C%5B%22bleepingcomputer.com%22%2C88153%5D%2C%5B%22getpocket.com%22%2C68908%5D%5D
Requested by
Host: js.smartredirect.de
URL: https://js.smartredirect.de/js/?h=8pk0393K
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.80.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-80-139.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
9f235bd8884086a524264e354b1869e80446e43f43801298f59c8b4cf033488f

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:08 GMT
Content-Encoding
gzip
Server
Apache
Connection
keep-alive
Content-Length
48
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 90B2
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIs3kMC5agqeOANXGQTTkpWKueplI8z3JoevqF4t-SjPn8eIQqdUsio3sdWpEChUHnkbnT1ijnGO1wsCqN_6ZSUpXGoQYan1wUkD_Z2nx4vmspROe67hGS4l79tPlJhCajC43eahNT6ZHk2dV0GS54p9ZfUvVl2I0w1x7c9pKlaX-dVEeUDAmAh_5MgYxwceWUmN9Nm-rFcUkqlFjuIsoGeAzBueWEUPDm7XW9mbTbN8bzsNOPBiVZ8pgRs0nC-Jn50qa4W9JW&sai=AMfl-YTMI0OE_z87hLcn-r_l-2z7NNje8S4bMTLpCXOiFW13MmBZeMTSHle1ZfQvThHshluXp2oxSmzd_EyhdJdkAVu2DYMaLtKEBVhAk2U8BQzVFs4_tSOTGzl6WBOBy84&sig=Cg0ArKJSzH56PPFfQzy4EAE&urlfix=1&adurl=
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 13:06:08 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 13 Nov 2020 13:06:08 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 90B2
75 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0f6b0c9ecd81cc8e0bcd11faf0d6283dd8f2322eaa8fae461a11d27f1ebd1b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1605098045670130"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
29174
x-xss-protection
0
expires
Fri, 13 Nov 2020 13:06:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F7EF
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7_w7OWys5fhsB3o-3oveBrm2G4yOSvre7uYj12koqqGC0u6djNGK7WuYgPeO85mExuv0RBqxQ8bJ1kNwpUlbYlO1DQfZ4Td120JV_wsE2Hig5iJW9UTp3-RXhG4ysUyT90eLC0H8HCYOkVWpGE5JViDY8bfVKLzlpzeBKp4So4RzN7dFYq-IXLwiFCtlZHVk5Oq6atT_BBnnuApvXEI3vZ_iU5mEPa_e792e7rUpnpmERU_ElFGGJaxxgEmDkcg2wzAUNAjnP&sai=AMfl-YS63z4tpEsFlkDBfwyxckvLaite2Suftm2O6MbAfjKnntEsEzsR7jTUtHCg-KWndDZsikYs7txkfMUKZEbyLGUVqRGUAJOox0b_uSv7Az18URyJV1EXIl74j0nEVNA&sig=Cg0ArKJSzB7EL9fFe1MoEAE&urlfix=1&adurl=
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 13:06:08 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 13 Nov 2020 13:06:08 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame F7EF
75 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0f6b0c9ecd81cc8e0bcd11faf0d6283dd8f2322eaa8fae461a11d27f1ebd1b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1605098045670130"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
29174
x-xss-protection
0
expires
Fri, 13 Nov 2020 13:06:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0850
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCDPU11rLcKHwclY_IK39__tdF2q7-O3zo2NZMEva7MIp-l_wUOze7SKz8Poe4_-rxTfm96kr9n9RAhLdXdHDY-Zd4_SF0pF64r2MvCPcqOrOktM0mXjt395jDemo_poVYmUdqtQHGMgOCRQnoWtbxRpzxrbtBxKO6Lt3qqbhKgnlC7FrGPpU83uVvechJG2pP2QxOM0cfCDWqRI8qFjr2dhzRwCIVc-v7EluPl5swihqno8pwPG1Ghk9IONziN-7uVo7BecZX6kg&sai=AMfl-YTqVqC_IGazVxnMnNtS5HeSUTN2Xu9sEN_zdgVXfAvIstXauhPt6IKcFaQE9TrH2ifS3U6cu2IEMri2JDodR3giK35z3ZCGnGtwfJm0gx0q40Llzk7M7eB-rptgmUQ&sig=Cg0ArKJSzBtzLVL0IMD-EAE&urlfix=1&adurl=
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 13:06:08 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 13 Nov 2020 13:06:08 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 0850
75 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0f6b0c9ecd81cc8e0bcd11faf0d6283dd8f2322eaa8fae461a11d27f1ebd1b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1605098045670130"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
29174
x-xss-protection
0
expires
Fri, 13 Nov 2020 13:06:08 GMT
container.html
ea179d232783a679643b61dbb74c2854.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 49ED
0
0
Document
General
Full URL
https://ea179d232783a679643b61dbb74c2854.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ea179d232783a679643b61dbb74c2854.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Fri, 13 Nov 2020 13:06:07 GMT
expires
Sat, 13 Nov 2021 13:06:07 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
ea179d232783a679643b61dbb74c2854.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 3E3D
0
0
Document
General
Full URL
https://ea179d232783a679643b61dbb74c2854.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ea179d232783a679643b61dbb74c2854.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Fri, 13 Nov 2020 13:06:07 GMT
expires
Sat, 13 Nov 2021 13:06:07 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e28099ec8875ba272b12bb0fb2a7269c2e0ac46d1761ee6ff4f069a59fd4e39e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1605098045670130"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28195
x-xss-protection
0
expires
Fri, 13 Nov 2020 13:06:08 GMT
ads
securepubads.g.doubleclick.net/gampad/
103 KB
50 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3731503554827070&correlator=1181014331963787&output=ldjh&impl=fifs&adsid=NT&eid=21068614%2C21068701%2C21068728%2C21068735%2C21067448%2C21068107%2C21068418&vrg=2020111001&guci=1.1.0.4.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201113&iu_parts=4574%2Cp4574.t3n.de%2Csoftwareinfrastruktur&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600&prev_scp=wf%3DSKY%26kw%3Dcybercrime%252Csoftwareinfrastruktur%252Cba_artikel&eri=1&cust_params=hostname%3Dt3n.de%26pathname%3D%252Fnews%252Fmaze-ransomware-gruppe-erpressung-%26pagetype%3Dnews-post%26login_status%3Dnologin%26dfptest%3D%26ressort%3Dsoftware-infrastruktur%26articletype%3Dnews%26tags%3D%26identifier%3Dnews-article-1332843%26user_source%3Dorganic&cookie=ID%3D0f038000c192395b-2282408034b900c3%3AT%3D1605272767%3AS%3DALNI_MaUmwF5VOnvxx4vfaAa_thF2_kwtQ&bc=31&abxe=1&lmt=1605272768&dt=1605272768413&dlt=1605272766545&idt=348&frm=20&biw=1600&bih=1200&oid=3&adxs=1290&adys=1&adks=4225869739&ucis=c&ifi=12&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x6189&msz=160x600&ga_vid=1334451741.1605272767&ga_sid=1605272767&ga_hid=1876059639&fws=128&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
5e28f42e96126298752c108ca1dbf504f7c1d49d56c0045818c669992516de04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51347
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://t3n.de
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
59 KB
42 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3731503554827070&correlator=1181014331963787&output=ldjh&impl=fifs&adsid=NT&eid=21068614%2C21068701%2C21068728%2C21068735%2C21067448%2C21068107%2C21068418&vrg=2020111001&guci=1.1.0.4.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201113&iu_parts=4574%2Cp4574.t3n.de%2Csoftwareinfrastruktur&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x250%7C800x250%7C900x250%7C970x250&prev_scp=wf%3DFLB%26kw%3Dcybercrime%252Csoftwareinfrastruktur%252Cba_artikel&eri=1&cust_params=hostname%3Dt3n.de%26pathname%3D%252Fnews%252Fmaze-ransomware-gruppe-erpressung-%26pagetype%3Dnews-post%26login_status%3Dnologin%26dfptest%3D%26ressort%3Dsoftware-infrastruktur%26articletype%3Dnews%26tags%3D%26identifier%3Dnews-article-1332843%26user_source%3Dorganic%26bw%3Da%252Cb%252Cc%252Cd%252Ce%252Cf%252Cg%252Ch%252Ci%252Cj%252Ck%252Cl%252Cm%252Cn%252Co%252Cp%252Cq%252Cr%252Cs%252Ct%252Cu%252Cv%252Cw%252Cx%252Cy%252Cz%252Ca0&cookie=ID%3D0f038000c192395b-2282408034b900c3%3AT%3D1605272767%3AS%3DALNI_MaUmwF5VOnvxx4vfaAa_thF2_kwtQ&bc=31&abxe=1&lmt=1605272768&dt=1605272768418&dlt=1605272766545&idt=348&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=280&adks=1562455436&ucis=d&ifi=13&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x6189&msz=780x260&ga_vid=1334451741.1605272767&ga_sid=1605272767&ga_hid=1876059639&fws=128&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
7c724bc738303d4659a2914f83c979fc0af2bf9033cb43c0e68364c352e7268b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42882
x-xss-protection
0
google-lineitem-id
4922940163
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138257324345
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://t3n.de
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
59 KB
42 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3731503554827070&correlator=1181014331963787&output=ldjh&impl=fifs&adsid=NT&eid=21068614%2C21068701%2C21068728%2C21068735%2C21067448%2C21068107%2C21068418&vrg=2020111001&guci=1.1.0.4.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201113&iu_parts=4574%2Cp4574.t3n.de%2Csoftwareinfrastruktur&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60&prev_scp=wf%3DBS%26kw%3Dcybercrime%252Csoftwareinfrastruktur%252Cba_artikel&eri=1&cust_params=hostname%3Dt3n.de%26pathname%3D%252Fnews%252Fmaze-ransomware-gruppe-erpressung-%26pagetype%3Dnews-post%26login_status%3Dnologin%26dfptest%3D%26ressort%3Dsoftware-infrastruktur%26articletype%3Dnews%26tags%3D%26identifier%3Dnews-article-1332843%26user_source%3Dorganic%26bw%3Da%252Cb%252Cc%252Cd%252Ce%252Cf%252Cg%252Ch%252Ci%252Cj%252Ck%252Cl%252Cm%252Cn%252Co%252Cp%252Cq%252Cr%252Cs%252Ct%252Cu%252Cv%252Cw%252Cx%252Cy%252Cz%252Ca0&cookie=ID%3D0f038000c192395b-2282408034b900c3%3AT%3D1605272767%3AS%3DALNI_MaUmwF5VOnvxx4vfaAa_thF2_kwtQ&bc=31&abxe=1&lmt=1605272768&dt=1605272768422&dlt=1605272766545&idt=348&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=0&adks=2293559474&ucis=e&ifi=14&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x6464&msz=728x90&ga_vid=1334451741.1605272767&ga_sid=1605272767&ga_hid=1876059639&fws=128&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
ca78ecebf9a5305edcdb5a46b49f20bed311d9fd0ec3b15914a166069c35735f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42784
x-xss-protection
0
google-lineitem-id
4922940163
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138257522728
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://t3n.de
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/232010270040000/ Frame F57D
188 KB
54 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/232010270040000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46025f1e6296df84ea1351028c57a75217a4ffca14a3feb4ef694d00d9dc1779
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78049
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54015
x-xss-protection
0
server
sffe
date
Thu, 12 Nov 2020 15:25:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8d96493634e86e25"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 15:25:19 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/232010270040000/v0/ Frame F57D
13 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/232010270040000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78049
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4850
x-xss-protection
0
server
sffe
date
Thu, 12 Nov 2020 15:25:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9b4fe327cbbf3d54"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 15:25:19 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/232010270040000/v0/ Frame F57D
90 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/232010270040000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78049
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27668
x-xss-protection
0
server
sffe
date
Thu, 12 Nov 2020 15:25:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cf57a07d51864bbe"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 15:25:19 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/232010270040000/v0/ Frame F57D
3 KB
1 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/232010270040000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78049
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1350
x-xss-protection
0
server
sffe
date
Thu, 12 Nov 2020 15:25:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"801b33d761932546"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 15:25:19 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/232010270040000/v0/ Frame F57D
41 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/232010270040000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78049
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13075
x-xss-protection
0
server
sffe
date
Thu, 12 Nov 2020 15:25:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e6506b245eaf4710"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 15:25:19 GMT
css
fonts.googleapis.com/ Frame F57D
7 KB
747 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 13 Nov 2020 11:28:36 GMT
server
ESF
date
Fri, 13 Nov 2020 13:06:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Nov 2020 13:06:08 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/14931043659013560829/ Frame F57D
46 KB
46 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14931043659013560829/2076313506083323656
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6e8aaf2ac2bd5b3338c9a9157e60281e11da45302a9eeb1ca33b2b8ec301321
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 08:09:51 GMT
x-content-type-options
nosniff
age
363377
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46823
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 07:04:41 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Nov 2021 08:09:51 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/11823076768290809567/ Frame F57D
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11823076768290809567/downsize_200k_v1?w=100&h=100
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
198b98297a3c812ebd470ff503f2732a7facce1b08563024bddbefd3d2eabc4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 23:58:58 GMT
x-content-type-options
nosniff
age
392830
x-dns-prefetch-control
off
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1591
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 06:59:54 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 Nov 2021 23:58:58 GMT
truncated
/ Frame F57D
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F57D
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd6a9c9fa2fd6ea153a5a85ad092eb87add9a95b145f56ece043d866ebd5520b

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/232010270040000/ Frame 56F2
188 KB
53 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/232010270040000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46025f1e6296df84ea1351028c57a75217a4ffca14a3feb4ef694d00d9dc1779
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78049
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54015
x-xss-protection
0
server
sffe
date
Thu, 12 Nov 2020 15:25:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8d96493634e86e25"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 15:25:19 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/232010270040000/v0/ Frame 56F2
13 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/232010270040000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78049
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4850
x-xss-protection
0
server
sffe
date
Thu, 12 Nov 2020 15:25:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9b4fe327cbbf3d54"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 15:25:19 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/232010270040000/v0/ Frame 56F2
90 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/232010270040000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78049
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27668
x-xss-protection
0
server
sffe
date
Thu, 12 Nov 2020 15:25:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cf57a07d51864bbe"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 15:25:19 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/232010270040000/v0/ Frame 56F2
3 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/232010270040000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78049
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1350
x-xss-protection
0
server
sffe
date
Thu, 12 Nov 2020 15:25:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"801b33d761932546"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 15:25:19 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/232010270040000/v0/ Frame 56F2
41 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/232010270040000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78049
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13075
x-xss-protection
0
server
sffe
date
Thu, 12 Nov 2020 15:25:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e6506b245eaf4710"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 15:25:19 GMT
css
fonts.googleapis.com/ Frame 56F2
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 13 Nov 2020 11:29:34 GMT
server
ESF
date
Fri, 13 Nov 2020 13:06:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Nov 2020 13:06:08 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/12887825711836928746/ Frame 56F2
54 KB
55 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12887825711836928746/2076313506083323656
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d9741fd41e057e61e43e5dbc3eb264b1cdc1278ba591f296e55d329cbf6abc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 09:15:06 GMT
x-content-type-options
nosniff
age
13862
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55712
x-xss-protection
0
last-modified
Thu, 13 Aug 2020 06:46:38 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Nov 2021 09:15:06 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/11873906894576590120/ Frame 56F2
615 B
758 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11873906894576590120/downsize_200k_v1?w=100&h=100
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ec330adf63d08f1e91926ca41b41c3808b2096242199def4f3d6f0e8ed6a1d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 23:00:23 GMT
x-content-type-options
nosniff
age
50745
x-dns-prefetch-control
off
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
615
x-xss-protection
0
last-modified
Tue, 05 May 2020 09:37:54 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 23:00:23 GMT
truncated
/ Frame 56F2
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 56F2
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef3e4389482658b8296238168fee42e7a06831ccc554730e25ff86eec4a94369

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 9026
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIeMNNL6YQMt_zLpYNTcbJmgFkh4AOjbSMrcGtza5li3AFl2n7GW1bPHZw1JkbFVWBXM48K8B-S_3WcJ_WUrWBKsfndPRaPTIDRV0D0h6yOPyLMtedSvN1DvXg8fIYRvHmVxipBHR_PqveQwyAgm7prgWtfGTNn_T8wELbWX6d8xqb8WKuezE_Ahdd17vQApYDMNFICbZsoae90bvpOJEf-7K-3O5QqtOG8o6xGL5jnA0nksLgXaYd1FMPWhp14vHKQsQQz9GCVKfb36pEags&sai=AMfl-YTBxR3Olbc2mdDkTTzKGUdZldD0JlOcU_svNoFMpUVdj1MtrWGoPdSXmWrh0verRcepwITnLHVXoVq72USqOTpnJoiSCzBL-9KcQeF-4GFgjS5PCo6xHjhZZHru4x8&sig=Cg0ArKJSzEbbxNZuJGeMEAE&urlfix=1&adurl=
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 13:06:08 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
aaw7wzt.js
use.typekit.net/ Frame 9026
17 KB
7 KB
Script
General
Full URL
https://use.typekit.net/aaw7wzt.js
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
56d1e635eca61ff1fa4df1b485070299b68e5291660dfb20bc4e8c6819441339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
status
200
date
Fri, 13 Nov 2020 13:06:08 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
6835
truncated
/ Frame 9026
683 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8152abb35939b98c753939e034d4eab5d4523d3c2de693a8156cb29183e0979e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 9026
75 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0f6b0c9ecd81cc8e0bcd11faf0d6283dd8f2322eaa8fae461a11d27f1ebd1b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1605098045670130"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
29174
x-xss-protection
0
expires
Fri, 13 Nov 2020 13:06:08 GMT
joblogo.gif
images.t3n.sc/jobslogos/44afe82ff7d07c40bdab627434084739733938db/ Frame 9026
6 KB
6 KB
Image
General
Full URL
https://images.t3n.sc/jobslogos/44afe82ff7d07c40bdab627434084739733938db/joblogo.gif?auto=format&h=200&ixlib=php-1.2.1&w=200
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.226 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
226.103.201.35.bc.googleusercontent.com
Software
shield /
Resource Hash
edfe3e116c9a32b780620da21565d3b649a30be9fd1f42ae15a41dc8fa8ccea2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
via
1.1 google
x-content-type-options
nosniff
age
792076
x-cache
HIT, HIT
status
200
x-shield-request-id
e1695c1aacf4ca9463c92485bcb14c11
x-imgix-id
8683961894b348705b2ea1d399243928290c7b2a
alt-svc
clear
content-length
5728
x-served-by
cache-sjc10045-SJC, cache-cdg20748-CDG
last-modified
Wed, 04 Nov 2020 09:04:53 GMT
server
shield
vary
Accept, User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
container.html
ea179d232783a679643b61dbb74c2854.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame F983
0
0
Document
General
Full URL
https://ea179d232783a679643b61dbb74c2854.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ea179d232783a679643b61dbb74c2854.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Fri, 13 Nov 2020 13:06:07 GMT
expires
Sat, 13 Nov 2021 13:06:07 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 9CEC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLGqMezH5jiYOj2gM6LrfehPw6X-MvIBH8f3qecRVAf8akddf5sisJGU2Xj-sawjEoOtjsHIhBtGAOOYEFAB6svZjuWkPPpc4Z9ohv-nROADEqYma3sz2owUD4sMwIcdJKP65aoAb0SXyhWiJ1gn8U9sQ2MAEaiIInR3eM_gE1Q6y50iPr8E6TCUeF8jPvdhiSMbR8h6YiC6-rH5A0RX814cWWDhaGXJnh26-srGdysr_YYzbfOJ-9UH7fYHPshQYk-PgYgK6awYDFVGGx&sai=AMfl-YRw5-FBL_WSKqEpTmG1Y6pY36UrJ6nIISnTxLkGZcKJT37axnvJqoD7Je2R0s25hKw8v2k6v5Cri8rb5tm6JB3Lqj_rGAdeUPRUPVUPkGQ1_4iayBXhLPO9rMHvIFI&sig=Cg0ArKJSzOQsT0H_RwIAEAE&urlfix=1&adurl=
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 13:06:08 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
aaw7wzt.js
use.typekit.net/ Frame 9CEC
17 KB
7 KB
Script
General
Full URL
https://use.typekit.net/aaw7wzt.js
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
56d1e635eca61ff1fa4df1b485070299b68e5291660dfb20bc4e8c6819441339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
status
200
date
Fri, 13 Nov 2020 13:06:08 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
6835
truncated
/ Frame 9CEC
683 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8152abb35939b98c753939e034d4eab5d4523d3c2de693a8156cb29183e0979e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 9CEC
75 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0f6b0c9ecd81cc8e0bcd11faf0d6283dd8f2322eaa8fae461a11d27f1ebd1b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1605098045670130"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
29174
x-xss-protection
0
expires
Fri, 13 Nov 2020 13:06:08 GMT
joblogo.gif
images.t3n.sc/jobslogos/32c671309ad022a0e78dbcce9e940d3c3c00a080/ Frame 9CEC
5 KB
5 KB
Image
General
Full URL
https://images.t3n.sc/jobslogos/32c671309ad022a0e78dbcce9e940d3c3c00a080/joblogo.gif?auto=format&h=200&ixlib=php-1.2.1&w=200
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.226 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
226.103.201.35.bc.googleusercontent.com
Software
shield /
Resource Hash
d27c43911bf8cd3bcb9f4dbabf867c0a595e5c9801693bf2b4478193b69e8199
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
via
1.1 google
x-content-type-options
nosniff
age
791689
x-cache
MISS, HIT
status
200
x-shield-request-id
0aae9298a26651684d93ce15345c6bcd
x-imgix-id
19667caa4af71457b56d66b9dc7bafe4a1c98c3b
alt-svc
clear
content-length
4934
x-served-by
cache-sjc10061-SJC, cache-cdg20743-CDG
last-modified
Wed, 04 Nov 2020 09:11:18 GMT
server
shield
vary
Accept, User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F57D
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/de.png
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 17:58:55 GMT
x-content-type-options
nosniff
age
68833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2958
x-xss-protection
0
server
cafe
etag
6601037253665971276
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 13 Nov 2020 17:58:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F57D
295 B
389 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 22:32:01 GMT
x-content-type-options
nosniff
age
52447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
server
cafe
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 13 Nov 2020 22:32:01 GMT
l
www.google.com/ads/measurement/ Frame F57D
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSX1w-qK6BW4gzqRRnKubGKqhgDKzGK98uXTTfa3Y8Ed68C-U0URcObgdcna_trEqyu0Y25
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame F57D
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIpwov4SuX-zkJ8aM7_UP3bSgiATPwcvsX7GvzLbxDNvZHhABIJ_UvlVg9ZXOgeAEoAGPs8PpA8gBCakCQG1Y0qtUsj7gAgCoAwHIAwqqBOwBT9ASeuXA1IonQ4R8LQnFc1nbwWU_Ac2ekEmhLwfHtHKOdbKlmKM-Gy9khpnN4lM1cJLGGPnFX_nuOzKHcjgmN68ISg_4onMIj0kZuT29TM-qWWUn_uV9hoS69QkvLo-dn8qx9zKCMmT0T0PJ5LHLZJQfHSzCW1ROjsJ8_Z3GCka3IUeJ8ljWfV8bDqjfapb1jobgA2rVt9XSVNNLK3Tm_4hNOtaz2-Y3KsMcj8qIFnNZAGeJK2OLC8qs47qRLL66YedZqbbE32g1eZmb1BE2jH68SWRKdtZSHm0ls7CZxlyZ-zYcjLdOK7KownrABMjIj86hA-AEAaAGLoAH2cy8FqgH1ckbqAfw2RuoB_LZG6gHlJixAqgHpd8bqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcFEKLe5gLSCAkIgOGAQBABGB2ACgPICwHYEwOIFAeyFxoKGAgBEhRwdWItNTA4OTcwMzg3NzU3OTQzNQ&sigh=ti0FRTAKlGE&template_id=484&tpd=AGWhJmvL1NbHAVNVKYb9AizqjJNAPspzZyt85V6VcnU9FjAUxw
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 56F2
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/de.png
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 17:58:55 GMT
x-content-type-options
nosniff
age
68833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2958
x-xss-protection
0
server
cafe
etag
6601037253665971276
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 13 Nov 2020 17:58:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 56F2
295 B
320 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 22:32:01 GMT
x-content-type-options
nosniff
age
52447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
server
cafe
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 13 Nov 2020 22:32:01 GMT
l
www.google.com/ads/measurement/ Frame 56F2
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQk23Ko3e2TcbR18G2bfyyZqHIBItF7OyTzDNLi6mpQ04BKqALmwG6SlztvPiT0Da8u4baj
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 56F2
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CgTCIv4SuX-3kJ8aM7_UP3bSgiAS67bG1XpOlkeGEDNvZHhABIJ_UvlVg9ZXOgeAEoAHN09WkA8gBCakCQG1Y0qtUsj7gAgCoAwHIAwqqBPABT9CZAA_wha7XL3YVtbrW_lxXLrxVeOst-RHiHX__Ec0Ai8hQHJyfe7H-VEpu0QFMq0nMZ_OQRdSfADfiK7Ql5obnEnSkA9aJWR4YznVnfmK2U1XFlnfkQCS4O8_jBm1lreQAjz6c-PhtbCQOxoWGSS1f_STfxYdwOq1W2R7nnlCEhb5ubfF4QkMKw6alYzGzOXsiYqldvmsQH29VvPhPsejJnBdcVOYQEMiUt9u6TMMBaHQXHPyciLO1urjnAEAOTeAPaVcefj7d5SBWnJrn1ZwrCPMOvE9tiyrUGOWnRGOplxTSlPdDlA3ZCJNRwpUQwATOuI3iigPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH5OuqW6gH1ckbqAfw2RuoB_LZG6gHlJixAqgHpd8bqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcFELSNwwHSCAkIgOGAQBABGB2ACgPICwHYEwuIFAmyFxoKGAgBEhRwdWItNTA4OTcwMzg3NzU3OTQzNQ&sigh=BR92TIj7LTk&template_id=484&tpd=AGWhJmue_ErT--bEwZj9Wg_uD86iveS77H0P9RYknAy84upMkg
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame 90B2
0
22 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9_Pw9iEzhMWd09oFBXuzdSWwXQBb_xZy2zQgqa7PAcvF1_jvNcXIr-vNkWUiCAlH0I8HsOYq_2m_TDaHbEbwmAyLwP_rpRpAc9WCGA_ShwY7kPlJo70n4Me7qWwCdey6rWL3GmcH4EWRF6vSP2g7xpC1FvOSiFdGUqid_glvkdFgyiP-iOJnDrN5Sjhzy7O0JXzk3bG2relHugxuXawJiz53lPUO6kIRDxt0dJBxVoNP4P_IiacTMSYhSBHPuKNObTjgL40lC0c0&sai=AMfl-YTITMRaUkUjNaF_uYsHrYwIRXeuF-IsD7_MHWELQ4W-2c9c-_RKbQ0zxqF8ombXi5kBAV4IwmNgLJG5f2N3VDbST1pfng438TBAK0RQym2Tgzn8ZxAd1UfV7LcFBPk&sig=Cg0ArKJSzGfCJG2irDKjEAE&urlfix=1&adurl=
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 13:06:08 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F7EF
0
22 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuI2jG6p1u_IlkqCKYBz-eO07iQ30EhxQ5qGqgZNqzX95Ff_cN5VKE1KKP715Cp0RF2NC3FomSJKJb9unWUhOFQDLZ0RfFXxAkui_liczSTHjgAFYayK8tcbizuIXyXEZZjBWUpKd5-5RwvCjaHWK_Wrq9Rw5zVobZiE2682OEqlJ7eGR6dXvZMDLjwqL7q0QYALZZCAt5u13RlOKJEKtdb3quGArJOHhNbIetaiVrbFtcGl1CS3xbTRrbhzQA-w1MCbSAYO6CjINs&sai=AMfl-YRR2Q5msMGaArso7AS_0GMXNqlpxz3CHUDvwPyTTefRz-Gxz7g7IaT8YbXfsaX_DaNTXwy--Y2Vdj5QCd71pxXc3YQ6LEwO5wzfDDOyq1rqyaiqp40lAuVZ1VTJBro&sig=Cg0ArKJSzPV6OqJL6TGpEAE&urlfix=1&adurl=
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 13:06:08 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0850
0
22 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstl8gmvn_KalMMQaxcXLJ8xqw3vBSjz4-P1T-JNn2P0jScUzGhCVg5s_a17-rftgp-ZZvdmMxddcCdC2hWgs0tmVdboD0wP-6V7r4lyEUyqv-nU6P49Grs0ED00tOecaquluNZ-PROT0DxR-8b4t0XwY0lw7MNg1qpA5KqqTOwXDBdZj2ZbUgbWl5M0COH4uut99tTjfE2ncinmwvPGWSTVNgIh4EZPN2_4gXJ8IdFJNwfvpOTno1rlN2AQZalb4RixSPtfheMNYk7_ug&sai=AMfl-YSPbPAlzSDEZNODAj6HN5JMnL2f47aCKyU3JE_hy4r30MKp46vI2Mm0EciUuZPUyJVC1BcpMg9-2e1lQLoWC9J8Vkonsj56XUyUNsbpsSZfUAJoC8iVZNnIQJ23uFE&sig=Cg0ArKJSzBJjAsSa53ZqEAE&urlfix=1&adurl=
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 13:06:08 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame F57D
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://t3n.de
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 06 Nov 2020 20:01:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
579899
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Sat, 06 Nov 2021 20:01:09 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame F57D
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://t3n.de
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 07:10:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
539724
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Sun, 07 Nov 2021 07:10:44 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 56F2
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://t3n.de
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 06 Nov 2020 20:01:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
579899
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Sat, 06 Nov 2021 20:01:09 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 56F2
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://t3n.de
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 07:10:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
539724
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Sun, 07 Nov 2021 07:10:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9026
0
22 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqODSXPjEZd9tYiNqJLtyaAC2oJ3ZLWoUw_icO55duzxC6c7yo6ynlOPD4qY_tx1Q8VsknJ-NALSDU-GvU3Q7XZPB4Tjmu59BFurBoE-1aS8V_vOe9soAjvq8qc2ajq21qaAEMpicrKxLs2QxXduDsz53tU2eh6ny0d9vs97esWIcm-GSyEG3dTwGnQEOoUt3IA0of8eoVBR0uqbJhTZ603RNRzenTyM3VyIjQA6tTXuZgq1ya3gyEAMJ6FMTx0C7hLnDt4A0IU--WDCzFB-kbUQ&sai=AMfl-YTtomQxoPLv1BeIFCX238BULXK1w7WYEvAlp6gPqt8Uw0q9nlWBd-Tc6yEjdUgD-DnkCOIvFc_IfC1kO7XvjfbnXtah7qN_DDcNCfMHzMvoEB3NLYfqNGEakjO1E-A&sig=Cg0ArKJSzIg8TQhP3fx9EAE&urlfix=1&adurl=
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 13:06:08 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 9026
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8588d18ef0192175ac1601d16cd8f92861e346df4c298dd7b3057caac27a8701

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 9CEC
0
22 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHKa4DZZyTqSTBFyhoCyVtS49cJiRxGEflhZtsEqW-l2mJhrJyzRw6htM9oKBvmUJ7K9gIfMlDYws_GvuUgG2TpGei5b3GkiGZlqO0Re5p6yKCVNx4g99l-9S4lbgdtAqQcygZQs0Ch3rhSH385ZbHlQUZcWQQOl8PtOrhTjJ_YURU2XWuuEnXYc8XmrX0hkTRP8SS-XMhhi3U2oYWM2Si3g9QmXygi8EOmHxq8VHirnWx9_0ldhuCSJXL9BHR5gyegE62IIGfQcf53_cbVHU&sai=AMfl-YSuV3Yv8gcR8Oqd1Bv-n0_-jjAp1q03Z8mke5tI-iFl0SwmYNlQirGSOobJgEniNAK9DLfKuHT0lTH7swjyffhIy_yVkRhDBybgcbZDinVg353AiWuy4g7R1yLc4tI&sig=Cg0ArKJSzMU-oza8igQrEAE&urlfix=1&adurl=
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 13:06:08 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 9CEC
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8382a6bf44921f96e53d11f46d6582185bf5a6709ec91f478a55d4a2f9745477

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
l
use.typekit.net/af/9f2f2a/00000000000000003b9acf30/27/ Frame 9026
41 KB
41 KB
Font
General
Full URL
https://use.typekit.net/af/9f2f2a/00000000000000003b9acf30/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
0e61bbf1fcf3573627de44aa6799cce3ed481ae1962ad7d98f9a996db96f8c8f

Request headers

Origin
https://t3n.de
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
server
nginx
etag
"cead359c4b45407be04b075734084dfc296015c0"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
42004
l
use.typekit.net/af/708bdf/00000000000000003b9acf2e/27/ Frame 9026
43 KB
43 KB
Font
General
Full URL
https://use.typekit.net/af/708bdf/00000000000000003b9acf2e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
0f518a0d5924fd3fe75fb5571c8c7e9ba80fa9dc66aa8a3b11883de86d42583b

Request headers

Origin
https://t3n.de
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
server
nginx
etag
"ab080c56fce5d8bf34976a9f438979e817ec3651"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
44260
l
use.typekit.net/af/03e1a3/00000000000000003b9acf2d/27/ Frame 9026
41 KB
41 KB
Font
General
Full URL
https://use.typekit.net/af/03e1a3/00000000000000003b9acf2d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
3388130914aa9782e9d5a20234f4dcd5055bd86a9a9ed579ab84a597107c3593

Request headers

Origin
https://t3n.de
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
server
nginx
etag
"c85df0a9a8d5ceea0379089b42901c24f9cf3cd3"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
42016
l
use.typekit.net/af/9f2f2a/00000000000000003b9acf30/27/ Frame 9CEC
41 KB
41 KB
Font
General
Full URL
https://use.typekit.net/af/9f2f2a/00000000000000003b9acf30/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
0e61bbf1fcf3573627de44aa6799cce3ed481ae1962ad7d98f9a996db96f8c8f

Request headers

Origin
https://t3n.de
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
server
nginx
etag
"cead359c4b45407be04b075734084dfc296015c0"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
42004
l
use.typekit.net/af/708bdf/00000000000000003b9acf2e/27/ Frame 9CEC
43 KB
43 KB
Font
General
Full URL
https://use.typekit.net/af/708bdf/00000000000000003b9acf2e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
0f518a0d5924fd3fe75fb5571c8c7e9ba80fa9dc66aa8a3b11883de86d42583b

Request headers

Origin
https://t3n.de
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
server
nginx
etag
"ab080c56fce5d8bf34976a9f438979e817ec3651"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
44260
l
use.typekit.net/af/03e1a3/00000000000000003b9acf2d/27/ Frame 9CEC
41 KB
41 KB
Font
General
Full URL
https://use.typekit.net/af/03e1a3/00000000000000003b9acf2d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
3388130914aa9782e9d5a20234f4dcd5055bd86a9a9ed579ab84a597107c3593

Request headers

Origin
https://t3n.de
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
server
nginx
etag
"c85df0a9a8d5ceea0379089b42901c24f9cf3cd3"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
42016
p.gif
p.typekit.net/ Frame 9026
35 B
182 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=aaw7wzt&ht=tk&h=t3n.de&f=17007.17013.17016&a=4804013&js=1.20.0&app=typekit&e=js&_=1605272768877
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:581::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
last-modified
Wed, 24 Jun 2020 21:05:53 GMT
server
nginx
etag
"5ef3c031-23"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
35
p.gif
p.typekit.net/ Frame 9CEC
35 B
182 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=aaw7wzt&ht=tk&h=t3n.de&f=17007.17013.17016&a=4804013&js=1.20.0&app=typekit&e=js&_=1605272768880
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:581::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:08 GMT
last-modified
Wed, 24 Jun 2020 21:05:53 GMT
server
nginx
etag
"5ef3c031-23"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
35
de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F57D
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/de.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/232010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 17:58:55 GMT
x-content-type-options
nosniff
age
68833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2958
x-xss-protection
0
server
cafe
etag
6601037253665971276
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 13 Nov 2020 17:58:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F57D
295 B
320 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/232010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 22:32:01 GMT
x-content-type-options
nosniff
age
52447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
server
cafe
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 13 Nov 2020 22:32:01 GMT
de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 56F2
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/de.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/232010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 17:58:55 GMT
x-content-type-options
nosniff
age
68833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2958
x-xss-protection
0
server
cafe
etag
6601037253665971276
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 13 Nov 2020 17:58:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 56F2
295 B
320 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/232010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 22:32:01 GMT
x-content-type-options
nosniff
age
52447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
server
cafe
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 13 Nov 2020 22:32:01 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012010270040000/ Frame 21E9
180 KB
50 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
139342
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51478
x-xss-protection
0
server
sffe
date
Wed, 11 Nov 2020 22:23:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0305d7d21a7fe4a1"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Nov 2021 22:23:46 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 21E9
13 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
152752
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4850
x-xss-protection
0
server
sffe
date
Wed, 11 Nov 2020 18:40:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"77bd676d834aaa8d"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Nov 2021 18:40:16 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 21E9
90 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
152677
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27668
x-xss-protection
0
server
sffe
date
Wed, 11 Nov 2020 18:41:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1304c1c0caf7ca3c"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Nov 2021 18:41:31 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 21E9
3 KB
1 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
139354
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1350
x-xss-protection
0
server
sffe
date
Wed, 11 Nov 2020 22:23:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"12c034eb739190af"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Nov 2021 22:23:34 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 21E9
41 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
139354
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13075
x-xss-protection
0
server
sffe
date
Wed, 11 Nov 2020 22:23:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e8a1dae72af56cd"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Nov 2021 22:23:34 GMT
css
fonts.googleapis.com/ Frame 21E9
7 KB
747 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 13 Nov 2020 11:23:59 GMT
server
ESF
date
Fri, 13 Nov 2020 13:06:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Nov 2020 13:06:08 GMT
de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 21E9
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/de.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 17:58:55 GMT
x-content-type-options
nosniff
age
68833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2958
x-xss-protection
0
server
cafe
etag
6601037253665971276
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 13 Nov 2020 17:58:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 21E9
295 B
320 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 22:32:01 GMT
x-content-type-options
nosniff
age
52447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
server
cafe
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 13 Nov 2020 22:32:01 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/14931043659013560829/ Frame 21E9
46 KB
46 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14931043659013560829/2076313506083323656
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6e8aaf2ac2bd5b3338c9a9157e60281e11da45302a9eeb1ca33b2b8ec301321
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 08:09:51 GMT
x-content-type-options
nosniff
age
363377
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46823
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 07:04:41 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Nov 2021 08:09:51 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/11823076768290809567/ Frame 21E9
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11823076768290809567/downsize_200k_v1?w=100&h=100
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
198b98297a3c812ebd470ff503f2732a7facce1b08563024bddbefd3d2eabc4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 23:58:58 GMT
x-content-type-options
nosniff
age
392830
x-dns-prefetch-control
off
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1591
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 06:59:54 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 Nov 2021 23:58:58 GMT
truncated
/ Frame 21E9
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 21E9
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2078d0aa07f9ddb6df35a03168c741c487e18d46f0438a492a1f061e6fe597aa

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
l
www.google.com/ads/measurement/ Frame 21E9
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRW7xJ3CoV4eLGhh67au0tbzaxFtb5ACNxfBfiXgq-MI7b3BqHYbSGuudFE4ja0d_4IhyyFrL2rn7nS_Z1WKnuHUa316A
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 21E9
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cdcc3wISuX_COHejF7_UP24eBiAXPwcvsX7GvzLbxDN3ZHhABII7z9BNg9ZXOgeAEoAGPs8PpA8gBCakCQG1Y0qtUsj7gAgCoAwHIAwqqBOoBT9AraAGVsP2DRCOb6LM1aUY3YRHKWVN3lkV-9NOXZFo2cbvA8cjP53QCZ-GCTSBU7AymSw_6ClAhYbvK1i9BUVrdoMyOaCDLaOTG-hPcG8owVKmER5pp5rCcRGci3yz7TbdNoAVlU2yhuMWg5nVp-KWm2jkWwsMnizpf3Jo9xMLpvC5Fcg7u61k5u2trzDWWBx9LCKg4bmVzGBrGyQe1f2UGPFZKEFqrRDlhgG7N6WO6fz0Z3imNH00BSh0tes3JZcQRg9v7piTgW931khiW6EJFsRCPMDiRRyWJ3IzeQjWo2sDwuUZKHfRSwATIyI_OoQPgBAGgBi6AB9nMvBaoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwUQocToAtIIBwiAYRABGB2ACgPICwHYEwOIFAeyFxoKGAgBEhRwdWItODgxMzM0NzM3NTAwNTI1OA&sigh=kNYZIZmxzX0&template_id=484&tpd=AGWhJmvY-XA3A7S0_0bPgnzpnCbc6y3Pr6whZ6TosxEjw5WPjw
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 21E9
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://t3n.de
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 06 Nov 2020 20:01:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
579899
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Sat, 06 Nov 2021 20:01:09 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 21E9
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://t3n.de
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 07:10:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
539724
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Sun, 07 Nov 2021 07:10:44 GMT
de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 21E9
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/de.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 17:58:55 GMT
x-content-type-options
nosniff
age
68834
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2958
x-xss-protection
0
server
cafe
etag
6601037253665971276
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 13 Nov 2020 17:58:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 21E9
295 B
325 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 22:32:01 GMT
x-content-type-options
nosniff
age
52448
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
server
cafe
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 13 Nov 2020 22:32:01 GMT
api
cdn.m6r.eu/sync/ Frame B0C4
2 KB
1 KB
Script
General
Full URL
https://cdn.m6r.eu/sync/api
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.73.125 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-73-125.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6387c91e2ca763de5a106cf5c898f3e6fff711422affb8a72f8d22d7245c164d

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Nov 2020 14:35:52 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1162
Expires
Fri, 13 Nov 2020 13:06:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B0C4
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZFQT10G8NtYz3YbaaQERTGy9xltmKS5_sZ7Sx7zcjhxUUsBjyoHdund5zEp7qQzMsPu4tElLu4pialRLNvhjRatwerSDSudbAtP0-tcUoJGIIfVSiG8OM9yFvjWyyWYvAqpgrCTzsnvsoD9-L4GtZl2fkYXKHEKHZ3zxep2vfv-Jlgg9Txf0FdUvXXOkcCyLj6IELnjq_-iLqg5hdDojrKmrbiz1qBFK52D2pIVVCuXFjy94tJwHao7JTLQi3TdxekAmkqEMbZuzlC4g&sig=Cg0ArKJSzPJO3YKhqn8gEAE&urlfix=1&adurl=
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 13:06:09 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
getads.js
js.adscale.de/ Frame B0C4
26 KB
9 KB
Script
General
Full URL
https://js.adscale.de/getads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.73.125 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-73-125.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ae335418c9e1304babbeee902b4924ca90b3273ca8205f66d59ce47b3839620e

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
yfUSpKnX9rfMGO3YllUMzZUIz2rMdokI
Content-Encoding
gzip
Last-Modified
Sat, 07 Nov 2020 00:14:22 GMT
Server
AmazonS3
x-amz-request-id
16E2ADE36915307B
ETag
"519e4535d84dfb7faa6f6f04aa2302e5"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Date
Fri, 13 Nov 2020 13:06:10 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8782
x-amz-id-2
Ian9ltJqzosnoE13KX8vPKMCmzy9MQH0CVPEkJDc+ut3FqQ7DxL2o8jwRl2mJ9Rsxqy4EvgPzDU=
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame B0C4
75 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0f6b0c9ecd81cc8e0bcd11faf0d6283dd8f2322eaa8fae461a11d27f1ebd1b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1605098045670130"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
29174
x-xss-protection
0
expires
Fri, 13 Nov 2020 13:06:09 GMT
api
cdn.m6r.eu/sync/ Frame DC03
2 KB
2 KB
Script
General
Full URL
https://cdn.m6r.eu/sync/api
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.73.125 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-73-125.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6387c91e2ca763de5a106cf5c898f3e6fff711422affb8a72f8d22d7245c164d

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Nov 2020 14:35:55 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1207
Expires
Fri, 13 Nov 2020 13:06:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DC03
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtDuQVhbcukGMNtmU8RvWJvtspg3x5LDhCJjsgg7hwvYGRUACNUCeG4HBEGdfw9T-KEcBf5Wbewe4UDMEszMU2gnl8h9DHMx3SrJtvRpSYQ-aRheVmluW1Ury3GcxXhk2UHFnY6muPRQ_p06qia-6uxrr23-sLthhvW-_ZPfYlby9v3hcgJcaSg9GNneHagsACII9v3InBkxvVqzVM3TZ3DSXwR6PBx_jDOyMj8dm-pPsgQZtitrdFCJVIHme8QHICAQlxve5uWHmIQKg&sig=Cg0ArKJSzARL9ZsF-azDEAE&urlfix=1&adurl=
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 13:06:09 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
getads.js
js.adscale.de/ Frame DC03
26 KB
9 KB
Script
General
Full URL
https://js.adscale.de/getads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.73.125 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-73-125.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ae335418c9e1304babbeee902b4924ca90b3273ca8205f66d59ce47b3839620e

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
yfUSpKnX9rfMGO3YllUMzZUIz2rMdokI
Content-Encoding
gzip
Last-Modified
Sat, 07 Nov 2020 00:14:22 GMT
Server
AmazonS3
x-amz-request-id
16E2ADE36915307B
ETag
"519e4535d84dfb7faa6f6f04aa2302e5"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Date
Fri, 13 Nov 2020 13:06:10 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8782
x-amz-id-2
Ian9ltJqzosnoE13KX8vPKMCmzy9MQH0CVPEkJDc+ut3FqQ7DxL2o8jwRl2mJ9Rsxqy4EvgPzDU=
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame DC03
75 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0f6b0c9ecd81cc8e0bcd11faf0d6283dd8f2322eaa8fae461a11d27f1ebd1b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1605098045670130"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
29174
x-xss-protection
0
expires
Fri, 13 Nov 2020 13:06:09 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 21E9
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CrPiEwISuX_COHejF7_UP24eBiAXPwcvsX7GvzLbxDN3ZHhABII7z9BNg9ZXOgeAEoAGPs8PpA8gBCakCQG1Y0qtUsj7gAgCoAwGqBOoBT9AraAGVsP2DRCOb6LM1aUY3YRHKWVN3lkV-9NOXZFo2cbvA8cjP53QCZ-GCTSBU7AymSw_6ClAhYbvK1i9BUVrdoMyOaCDLaOTG-hPcG8owVKmER5pp5rCcRGci3yz7TbdNoAVlU2yhuMWg5nVp-KWm2jkWwsMnizpf3Jo9xMLpvC5Fcg7u61k5u2trzDWWBx9LCKg4bmVzGBrGyQe1f2UGPFZKEFqrRDlhgG7N6WO6fz0Z3imNH00BSh0tes3JZcQRg9v7piTgW931khiW6EJFsRCPMDiRRyWJ3IzeQjWo2sDwuUZKHfRSwATIyI_OoQPgBAGgBi6AB9nMvBaoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwUQocToAtIIBwiAYRABGB2ACgPICwHYEwOIFAeyFxoKGAgBEhRwdWItODgxMzM0NzM3NTAwNTI1OA&sigh=EhSSBJSkwD8&vt=1&template_id=484
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 21E9
42 B
102 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVVfPdKy7eT-TxzMf0Rp01a83tXZUG9qItCP1D4ssHrSZ3Z6p3ZO2C0fxeR7D-svSxw9dgtY0TxhjSxAr5T_3hcWot9_MKpYTAz2uiWTjea_sHIkl4KxIJgrI&sai=AMfl-YQ-YyAig22JYk5h-vjYOBA_krck7qgAP2H3I_hyIx6Lb72oRVNfyr54dfhkVjR2w7iSAqdlQLaDhRWiTF44-L6vbcYTT0PwTEguJaI-ly4aOomgHl8ERb6Z1JM&sig=Cg0ArKJSzGIqLLTjmKOUEAE&cid=CAASFeRolBXWmh0-5fpDn-lQgRVUC53z2Q&id=ampim&o=1290,1&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=114&tls=1114&g=100&h=100&tt=1115&r=v&avms=ampa&adk=4225869739
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 13:06:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame B0C4
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb7b37363407516335166be0e7578509ade4d1d2cdfe62bf820794f935ca83bc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
impr
gaa.adscale.de/ Frame B0C4
940 B
1 KB
Script
General
Full URL
https://gaa.adscale.de/impr?v=2&sid=YzVkODQw&nu=0&t=1605272770230&iFrame&ssl=1&pos=above&ws=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&uuid=91271a45-0142-4204-be47-c9d9d53c243d&scuid=c499927d05444db7919dd1a5b38d60cc&sa=1
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.86.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a3436eee63857ff41.awsglobalaccelerator.com
Software
/
Resource Hash
2b1d3a61c96ff30e4502c968ade0632d8bf70e27d07986c9cc00b050cef7bec8

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 13 Nov 2020 13:06:13 GMT
cache-control
no-cache
content-type
text/javascript
x-robots-tag
none
content-length
940
p3p
CP=NOI PSA OUR
pixel
tracking.m6r.eu/consent/ Frame B0C4
Redirect Chain
  • https://tracking.m6r.eu/consent/pixel?gdprFallback=referer
  • https://tracking.m6r.eu/consent/pixel?gdprFallback=referer&checkcookies=true
44 B
423 B
Image
General
Full URL
https://tracking.m6r.eu/consent/pixel?gdprFallback=referer&checkcookies=true
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.91.75 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-91-75.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
821e2efd660f6b759d561cd5cd194670e51ecebcbc06055cdcbebcd91ec94a56

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:10 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
44
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://tracking.m6r.eu/consent/pixel?gdprFallback=referer&checkcookies=true
Date
Fri, 13 Nov 2020 13:06:10 GMT
Server
nginx
Connection
keep-alive
Content-Length
98
Content-Type
text/plain; charset=utf-8
truncated
/ Frame DC03
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e00a0ce391fce34e43a48b76367d1f0f088f1122d966acecda1c61538e433649

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
impr
gaa.adscale.de/ Frame DC03
941 B
1 KB
Script
General
Full URL
https://gaa.adscale.de/impr?v=2&sid=YzVkN2Mw&nu=0&t=1605272770265&iFrame&ssl=1&pos=above&ws=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&uuid=9dca9de2-1135-4d4a-9ff7-0961490cda9a&scuid=c499927d05444db7919dd1a5b38d60cc&sa=1
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.86.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a3436eee63857ff41.awsglobalaccelerator.com
Software
/
Resource Hash
4b7f534f7485c5191f5e0bee531c337a477018c1c2d8b3cb4cda202b26c4f01e

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 13 Nov 2020 13:06:13 GMT
cache-control
no-cache
content-type
text/javascript
x-robots-tag
none
content-length
941
p3p
CP=NOI PSA OUR
pixel
tracking.m6r.eu/consent/ Frame DC03
Redirect Chain
  • https://tracking.m6r.eu/consent/pixel?gdprFallback=referer
  • https://tracking.m6r.eu/consent/pixel?gdprFallback=referer&checkcookies=true
44 B
423 B
Image
General
Full URL
https://tracking.m6r.eu/consent/pixel?gdprFallback=referer&checkcookies=true
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.91.75 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-91-75.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
821e2efd660f6b759d561cd5cd194670e51ecebcbc06055cdcbebcd91ec94a56

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:10 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
44
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://tracking.m6r.eu/consent/pixel?gdprFallback=referer&checkcookies=true
Date
Fri, 13 Nov 2020 13:06:10 GMT
Server
nginx
Connection
keep-alive
Content-Length
98
Content-Type
text/plain; charset=utf-8
ixmatch.html
js-sec.indexww.com/um/ Frame EEDE
0
0
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
Apache
Last-Modified
Tue, 06 Oct 2020 14:04:48 GMT
ETag
"e20015-8f4-5b10114f2003a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1136
Date
Fri, 13 Nov 2020 13:06:11 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame E5FF
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.68 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-68.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=139955
Expires
Sun, 15 Nov 2020 03:58:48 GMT
Date
Fri, 13 Nov 2020 13:06:13 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A0B3
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.212.16 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-212-16.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhKa2tgCFRUZWfOQd0q435P2/gQaqTCqCKieGkTxzCtz/GWjvGSkTNWjmsGgfE/2wGlVwK8BMqZcvhERo6qmPGCb9ZP8X4JPKBYjCRbro=; ses2=; vis2=252072^1; khaos=KHG9YIBI-1O-7KW6; vis15=252072^1; ses15=252072^1; ses9=; vis9=252072^1; ses8=; vis8=252072^1; audit=1|hLZGFuTafB0xLGrgsQ/MBHp4/TMPY9Xw0kx9hrpw8UmCNSL+kAdTKYxe1ahZCcTXJhsHlJbldDcIeKMH8zoxZqZr5ZVxLWDe

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Fri, 13 Nov 2020 13:06:11 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 76F4
0
0
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Connection
keep-alive
Content-Length
17037
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Tue, 24 Mar 2020 15:52:19 GMT
ETag
W/"5e7a2cb3-cefd"
Expires
Fri, 04 Sep 2020 06:04:52 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 13 Nov 2020 13:06:10 GMT
Age
25136
X-Served-By
cache-lga21951-LGA, cache-hhn4069-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 371702
X-Timer
S1605272770.490887,VS0,VE0
Vary
Accept-Encoding
sync
pre.ads.justpremium.com/v/1.0/t/ Frame 0129
0
0
Document
General
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a6bub4p1605272767404
Requested by
Host: d1quwwdmdfumn6.cloudfront.net
URL: https://d1quwwdmdfumn6.cloudfront.net/t3n/2018/scripts/ad-scripts--vendor-1604397633.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.10.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-10-179.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
pre.ads.justpremium.com
:scheme
https
:path
/v/1.0/t/sync?_c=a6bub4p1605272767404
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
jpxumaster=r-d6d5d15f-0e59-475c-bfaa-3fe14bd03e24-104340-461172384; jpxsession=r-e8a0aff7-0bc8-4256-9117-8d00cb3b2d54-104340-461223784; jpxuuid=r-abf61045-9667-4573-a48b-f23390c179bc-104340-461244132; 82360_312028=0_0_0; 82360_312861=0_0_0; 82360_320878=0_0_0; 82359_312024=0_0_0; 82359_312025=0_0_0; 82359_312026=0_0_0; 82359_420696=0_0_0

Response headers

status
200
date
Fri, 13 Nov 2020 13:06:10 GMT
content-type
text/html; charset=utf-8
cache-control
public, no-cache, no-store, must-revalidate
set-cookie
OX_u=; max-age=-1605272770.479; expires=Thu Jan 01 1970 00:00:00 GMT+0000 (Coordinated Universal Time); path=/; domain=.justpremium.com; SameSite=None; Secure; jpxumaster=r-d6d5d15f-0e59-475c-bfaa-3fe14bd03e24-104340-461172384; max-age=2592000; expires=Sun Dec 13 2020 13:06:10 GMT+0000 (Coordinated Universal Time); path=/; domain=.justpremium.com; SameSite=None; Secure;
container
tracking.m6r.eu/pixel/ Frame B0C4
2 KB
1 KB
Script
General
Full URL
https://tracking.m6r.eu/pixel/container?pixelId=0026e174-2895-4cf9-955d-36adb22e0a87&gdprFallback=referer&BaSite=45098175&BaSection=52533135
Requested by
Host: cdn.m6r.eu
URL: https://cdn.m6r.eu/sync/api
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.91.75 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-91-75.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
499f7bd2e404ac6d5f0ed3231711c56ce1136990179ad48fcd2fa15a03f160f9

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:10 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
978
container
tracking.m6r.eu/pixel/ Frame DC03
2 KB
1 KB
Script
General
Full URL
https://tracking.m6r.eu/pixel/container?pixelId=0026e174-2895-4cf9-955d-36adb22e0a87&gdprFallback=referer&BaSite=45098175&BaSection=52533135
Requested by
Host: cdn.m6r.eu
URL: https://cdn.m6r.eu/sync/api
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.91.75 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-91-75.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7441d388aa3ad4cfc4f942dcc8ed9fc733ec713b4466e23931ed54db91dc1f07

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:10 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
973
m
ad.yieldlab.net/ Frame B0C4
Redirect Chain
  • https://tracking.m6r.eu/sync/yieldlabRedirect?gdprFallback=true&
  • https://ad.yieldlab.net/m?dt_id=36356&ext_id=fa3c80c1962e0f9201fa1411e0927475&
0
522 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=36356&ext_id=fa3c80c1962e0f9201fa1411e0927475&
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.72 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:10 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Thu, 12 Nov 2020 13:06:10 GMT

Redirect headers

Location
https://ad.yieldlab.net/m?dt_id=36356&ext_id=fa3c80c1962e0f9201fa1411e0927475&
Date
Fri, 13 Nov 2020 13:06:10 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
100
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
adxSyncDone
tracking.m6r.eu/sync/ Frame B0C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=-jyAwZYuD5IB-hQR4JJ0dQ&
  • https://tracking.m6r.eu/sync/adxSyncDone?gdprFallback=true&google_ula=158217889,0
44 B
569 B
Image
General
Full URL
https://tracking.m6r.eu/sync/adxSyncDone?gdprFallback=true&google_ula=158217889,0
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.91.75 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-91-75.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
821e2efd660f6b759d561cd5cd194670e51ecebcbc06055cdcbebcd91ec94a56

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:10 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
44
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 13 Nov 2020 13:06:10 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://tracking.m6r.eu/sync/adxSyncDone?gdprFallback=true&google_ula=158217889,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
282
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame B0C4
Redirect Chain
  • https://tracking.m6r.eu/sync/appnexusRedirect?gdprFallback=true&
  • https://ib.adnxs.com/setuid?entity=197&code=fa3c80c1962e0f9201fa1411e0927475&
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D197%26code%3Dfa3c80c1962e0f9201fa1411e0927475%26
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D197%26code%3Dfa3c80c1962e0f9201fa1411e0927475%26
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:10 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.40:80
AN-X-Request-Uuid
b81d6885-d255-4c87-ba73-10b3a209cb2b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:10 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.148:80
AN-X-Request-Uuid
d890f0af-f4ec-4545-bc99-8613f7dfbc69
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D197%26code%3Dfa3c80c1962e0f9201fa1411e0927475%26
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adscaleSyncDone
tracking.m6r.eu/sync/ Frame B0C4
Redirect Chain
  • https://ih.adscale.de/adscale-ih/tpui?tpid=48&tpuid=fa3c80c1962e0f9201fa1411e0927475&cburl=https%3A%2F%2Ftracking.m6r.eu%2Fsync%2FadscaleSyncDone%3FuserBuyeruid%3Dfa3c80c1962e0f9201fa1411e0927475%2...
  • https://ih.adscale.de/adscale-ih/tpui?tpid=48&tpuid=fa3c80c1962e0f9201fa1411e0927475&cburl=https%3A%2F%2Ftracking.m6r.eu%2Fsync%2FadscaleSyncDone%3FuserBuyeruid%3Dfa3c80c1962e0f9201fa1411e0927475%2...
  • https://tracking.m6r.eu/sync/adscaleSyncDone?userBuyeruid=fa3c80c1962e0f9201fa1411e0927475&gdprFallback=true&userId=adscale-user:bdc2835b6918751efe834e5421508b3196714db7cc2e410ad86fbfd477798407
44 B
574 B
Image
General
Full URL
https://tracking.m6r.eu/sync/adscaleSyncDone?userBuyeruid=fa3c80c1962e0f9201fa1411e0927475&gdprFallback=true&userId=adscale-user:bdc2835b6918751efe834e5421508b3196714db7cc2e410ad86fbfd477798407
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.91.75 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-91-75.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
821e2efd660f6b759d561cd5cd194670e51ecebcbc06055cdcbebcd91ec94a56

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:10 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
44
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

status
307
date
Fri, 13 Nov 2020 13:06:10 GMT
server
Apache-Coyote/1.1
content-length
0
location
https://tracking.m6r.eu/sync/adscaleSyncDone?userBuyeruid=fa3c80c1962e0f9201fa1411e0927475&gdprFallback=true&userId=adscale-user:bdc2835b6918751efe834e5421508b3196714db7cc2e410ad86fbfd477798407
p3p
CP=NOI PSA OUR
m
ad.yieldlab.net/ Frame DC03
Redirect Chain
  • https://tracking.m6r.eu/sync/yieldlabRedirect?gdprFallback=true&
  • https://ad.yieldlab.net/m?dt_id=36356&ext_id=fc65a735ab8bca7865ef07f0c8ee027d&
0
522 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=36356&ext_id=fc65a735ab8bca7865ef07f0c8ee027d&
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.59.72 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-59-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:10 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Thu, 12 Nov 2020 13:06:10 GMT

Redirect headers

Location
https://ad.yieldlab.net/m?dt_id=36356&ext_id=fc65a735ab8bca7865ef07f0c8ee027d&
Date
Fri, 13 Nov 2020 13:06:10 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
100
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
ib.adnxs.com/ Frame DC03
Redirect Chain
  • https://tracking.m6r.eu/sync/appnexusRedirect?gdprFallback=true&
  • https://ib.adnxs.com/setuid?entity=197&code=fc65a735ab8bca7865ef07f0c8ee027d&
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=197&code=fc65a735ab8bca7865ef07f0c8ee027d&
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:10 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.54:80
AN-X-Request-Uuid
6851594f-4bec-4b41-818d-6d62d0885d3c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Location
https://ib.adnxs.com/setuid?entity=197&code=fc65a735ab8bca7865ef07f0c8ee027d&
Date
Fri, 13 Nov 2020 13:06:10 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
99
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
adxSyncDone
tracking.m6r.eu/sync/ Frame DC03
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=_GWnNauLynhl7wfwyO4CfQ&
  • https://tracking.m6r.eu/sync/adxSyncDone?gdprFallback=true&google_ula=158217889,0
44 B
569 B
Image
General
Full URL
https://tracking.m6r.eu/sync/adxSyncDone?gdprFallback=true&google_ula=158217889,0
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.91.75 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-91-75.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
821e2efd660f6b759d561cd5cd194670e51ecebcbc06055cdcbebcd91ec94a56

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:10 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
44
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 13 Nov 2020 13:06:10 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://tracking.m6r.eu/sync/adxSyncDone?gdprFallback=true&google_ula=158217889,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
282
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adscaleSyncDone
tracking.m6r.eu/sync/ Frame DC03
Redirect Chain
  • https://ih.adscale.de/adscale-ih/tpui?tpid=48&tpuid=fc65a735ab8bca7865ef07f0c8ee027d&cburl=https%3A%2F%2Ftracking.m6r.eu%2Fsync%2FadscaleSyncDone%3FuserBuyeruid%3Dfc65a735ab8bca7865ef07f0c8ee027d%2...
  • https://ih.adscale.de/adscale-ih/tpui?tpid=48&tpuid=fc65a735ab8bca7865ef07f0c8ee027d&cburl=https%3A%2F%2Ftracking.m6r.eu%2Fsync%2FadscaleSyncDone%3FuserBuyeruid%3Dfc65a735ab8bca7865ef07f0c8ee027d%2...
  • https://tracking.m6r.eu/sync/adscaleSyncDone?userBuyeruid=fc65a735ab8bca7865ef07f0c8ee027d&gdprFallback=true&userId=adscale-user:1bb9f327c1a9e9a67672351cea2ec26819e0e5e5a272bb1da2d37382073551d4
44 B
574 B
Image
General
Full URL
https://tracking.m6r.eu/sync/adscaleSyncDone?userBuyeruid=fc65a735ab8bca7865ef07f0c8ee027d&gdprFallback=true&userId=adscale-user:1bb9f327c1a9e9a67672351cea2ec26819e0e5e5a272bb1da2d37382073551d4
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.91.75 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-91-75.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
821e2efd660f6b759d561cd5cd194670e51ecebcbc06055cdcbebcd91ec94a56

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:10 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
44
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

status
307
date
Fri, 13 Nov 2020 13:06:10 GMT
server
Apache-Coyote/1.1
content-length
0
location
https://tracking.m6r.eu/sync/adscaleSyncDone?userBuyeruid=fc65a735ab8bca7865ef07f0c8ee027d&gdprFallback=true&userId=adscale-user:1bb9f327c1a9e9a67672351cea2ec26819e0e5e5a272bb1da2d37382073551d4
p3p
CP=NOI PSA OUR
csi
csi.gstatic.com/
0
331 B
Other
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~khg9yj1r&ctx=0&met.9=1.7m~2.cn&met.3=112.16x_1~298.1ra~298.1ra~298.1re~298.1rf~298.1rf~298.1rg~298.1rg~298.1rg~155.1qx_n~130.1rl~132.1rn~132.1ro~132.1ro~132.1s5~132.1s5~132.1s6_1~132.1sj~132.1sj~132.1sl~132.1sl~132.1sm~132.1tp~132.1tp~132.1tz~132.1u0~132.1u1~132.1u2_1~132.1u2~132.1u6~132.1u7~132.1uc~132.1uc~132.1ud~132.1ud~132.1ud_2~132.1uf~132.1ug~132.1uh~132.1v7~132.1vl~143.1vm_4~132.1wg~132.1x6~132.1x6~132.1x7~132.1x8~132.1x8~132.1x9~130.1y1_1~130.1y3~132.1yi~132.1yi~132.1yj~132.1yj~132.1yk~132.1yk~129.1z9~143.1zd_3~132.20a~132.20a~132.215~132.21z~132.220~132.220~143.228_3~298.22s~143.253_3~129.267~143.27y_3~143.2at_5~298.2bj~129.2d5~143.2dq_3~143.2gl_3~143.2jg_3~129.2k4~143.2mb_3~143.2p6_3~129.2r2~143.2s1_3~132.2tt~132.2tt~143.2uw_3~132.2x6~132.2x7~143.2xr_3~132.2y5~132.2y5~129.2y5~143.30m_4~143.33i_4~129.354~143.36e_3~143.399_3~129.3c2~143.3c4_3~143.3ez_3~143.3hu_3~129.3j1~143.3kp_3~143.3nk_3~129.3pz~143.3qf_3~143.3ta_3~143.3w5_3~129.3wx~143.3z1_3~143.41v_3~129.43v~143.44r_3~143.47m_4~143.4ai_2~129.4au~143.4dc_2~143.4g6_2~129.4hs~143.4j1_3~143.4lw_3~129.4oq~143.4or_2~143.4rl_3~143.4uh_2~129.4vo~143.4xb_3~143.506_3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4000:811::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 13:06:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
status
204
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
userconnect.js
js.adscale.de// Frame DC03
13 KB
5 KB
Script
General
Full URL
https://js.adscale.de//userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.73.125 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-73-125.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8fe9eb655748f1c518539049a842386c9eb8001c7c4050c4ab10f9725d04429a

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
WxKKNklMI22LgmabtZNrDpjnNP6aozF3
Content-Encoding
gzip
Last-Modified
Sat, 07 Nov 2020 00:14:22 GMT
Server
AmazonS3
x-amz-request-id
DA27C0CEDDEA3A98
ETag
"7c841427f4d7fdd0f719b42c50789fc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Date
Fri, 13 Nov 2020 13:06:13 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4415
x-amz-id-2
G+QA1m3FhYfi2IgnGL04VBpNEiDwrklv03BjSFIRBIt0M4Fdj92U0L8FGn37VfTJGxLnF+qXW44=
userconnect.js
js.adscale.de// Frame B0C4
13 KB
5 KB
Script
General
Full URL
https://js.adscale.de//userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.73.125 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-73-125.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8fe9eb655748f1c518539049a842386c9eb8001c7c4050c4ab10f9725d04429a

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
WxKKNklMI22LgmabtZNrDpjnNP6aozF3
Content-Encoding
gzip
Last-Modified
Sat, 07 Nov 2020 00:14:22 GMT
Server
AmazonS3
x-amz-request-id
DA27C0CEDDEA3A98
ETag
"7c841427f4d7fdd0f719b42c50789fc0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Date
Fri, 13 Nov 2020 13:06:13 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4415
x-amz-id-2
G+QA1m3FhYfi2IgnGL04VBpNEiDwrklv03BjSFIRBIt0M4Fdj92U0L8FGn37VfTJGxLnF+qXW44=
view
securepubads.g.doubleclick.net/pcs/ Frame DC03
0
45 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbJloNoloNCF4IXld8jK52NLKCcOFZUcmkf5DZ2yxSVkZkMN4PFEtl-JFR5Cakp2u_fUUyS91jClcqy36kiD3S_-g-XCyxHNeRB5ApLOhJ1Vpm_pbPQOM3_aEL_GYLrOsvni5xC2Ca3vwZWGJzVThAOZWZoELeGkdxkZAeBTEfmsrDj51wEyxGsGPHey2d7GHB3vTw9luwsB8JUQrgEVjqkBgSs26hRviw8VeZ1URceQYoBzsU18rLDozqddxbjA2Jr6TV7_AB3LMkSzD5OA&sig=Cg0ArKJSzKwClUbeF_fpEAE&urlfix=1&adurl=
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 13:06:13 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame B0C4
0
22 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPha1PMlu4kczrXTrIquemb8njHoc5jlYxR5MpG-127ABSR62CZwNfLdc2maZT6hmMfLOaNCRwUgqkm4RNAPKzeJbLfLXh77RcENRKIjL58UC8E65X1o4rHuRuyszFOkPEvYbm3XKaUwvD9qEnvsGaMSpjxlE4GkbQGoY5OxUqH7SMFJwFqfLVSAzu1JwUjE-IaAMPnoVfAU3yIQYtAR1ZqOZGbliIWjl664PP-84GBla_0SeX5fCyYgetqp2A4xj9rxIjbdCD9OBxRBHH6w&sig=Cg0ArKJSzGonwBuBE6QrEAE&urlfix=1&adurl=
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 13:06:13 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
userconnect
ih.adscale.de/ Frame DC03
181 B
360 B
Script
General
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=YzVkN2Mw&cbfn=stroeerCoreConnect&ts=1605272775545&umd=false&gdpr_err=CMP_TIME_OUT
Requested by
Host: js.adscale.de
URL: https://js.adscale.de//userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.91.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-91-13.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
6d62d5829b3adde8fec4b48d4f3f473a2fb2765e22e0d1d0afae1f77dcc56570

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 13 Nov 2020 13:06:15 GMT
server
Apache-Coyote/1.1
content-length
181
content-type
application/javascript
map
ih.adscale.de/ Frame C3A7
0
0
Document
General
Full URL
https://ih.adscale.de/map?format=display&ssl=1
Requested by
Host: js.adscale.de
URL: https://js.adscale.de//userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.91.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-91-13.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

:method
GET
:authority
ih.adscale.de
:scheme
https
:path
/map?format=display&ssl=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tu=4#1008137278#48~fc65a735ab8bca7865ef07f0c8ee027d~445909~0~0; uu=ba3b3f0ea87847479f2ba9b714d1bd46; ng=2#1837746835#26754546#84145

Response headers

status
200
date
Fri, 13 Nov 2020 13:06:15 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2655
server
Apache-Coyote/1.1
set-cookie
tu=4#320753525#48~fc65a735ab8bca7865ef07f0c8ee027d~445909~0~0#101~~445909~445909~1#38~~445909~445909~1#39~~445909~445909~1#40~~445909~445909~1#42~~445909~445909~1#75~~445909~445909~1#108~~445909~445909~1#63~~445909~445909~1; Max-Age=2592000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None
nuggad
nugmw.userreport.com/rc-ap/ac8141c5-cdfd-4c93-a2e3-55d58d8eed0b/si.nuggad.net/ Frame DC03
Redirect Chain
  • https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715
  • https://nugmw.userreport.com/rc-ap/ac8141c5-cdfd-4c93-a2e3-55d58d8eed0b/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
2 KB
2 KB
Script
General
Full URL
https://nugmw.userreport.com/rc-ap/ac8141c5-cdfd-4c93-a2e3-55d58d8eed0b/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:a800:1f:a1b:34c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
ecec787c32bec7309ef7cfb97fd2e8633d699fa720e9ff7422e8506edd54506e

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:15 GMT
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
server
nginx/1.16.1
x-amz-cf-pop
FRA2-C1
access-control-allow-methods
get, post, options
content-type
text/javascript
status
200
cache-control
s-maxage=0, max-age=0
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
accept
content-length
1892
x-amz-cf-id
CPm-cVz7qMP555u3DqBT_WXtMe4k9yX96P8ZXqROUem4NDwmXR-mig==

Redirect headers

date
Fri, 13 Nov 2020 13:06:15 GMT
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server
nginx/1.16.1
x-amz-cf-pop
FRA50-C1
status
302
access-control-allow-methods
get, post, options
location
https://nugmw.userreport.com/rc-ap/ac8141c5-cdfd-4c93-a2e3-55d58d8eed0b/si.nuggad.net/nuggad?nuggn=571289945&nuggsid=1029839715
cache-control
s-maxage=0, max-age=0
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
accept
content-length
0
x-amz-cf-id
ft2zA_l6fuWGC9u9U-D2ikFAYruHLLbDrD2nPtw0eiqVVwWwhzvZyQ==
nuggad
ih.adscale.de/ Frame DC03
49 B
286 B
Image
General
Full URL
https://ih.adscale.de/nuggad?/nvars/d7=1&d10=3&d2=3&d4=1&d11=5&d8=1&d9=3&d12=4&d1=1&d3=2
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.91.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-91-13.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 13 Nov 2020 13:06:15 GMT
server
Apache-Coyote/1.1
content-type
image/gif
content-length
49
p3p
CP=NOI PSA OUR
launcher.js
sak.userreport.com/sdm/ Frame DC03
104 KB
32 KB
Script
General
Full URL
https://sak.userreport.com/sdm/launcher.js
Requested by
Host: si.nuggad.net
URL: https://si.nuggad.net/rc?nuggn=571289945&nuggsid=1029839715
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.73.76 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-76.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11b4b4f49bba1eced56c6d9fe1156b060ea7dc752688006b7b2717c5c2b3496b

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
lVd7Lq12TPZMWqOhhbLu2OuIc3x0fWBh
content-encoding
gzip
last-modified
Mon, 09 Nov 2020 12:45:37 GMT
server
AmazonS3
age
29
etag
"2385a68f1a3656bf659f7db6b5422dca"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=7200, s-maxage=60
date
Fri, 13 Nov 2020 13:05:47 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
0AOC94hd0r2JoEqg4oeL3cPLL7LnRS8kvtCC27m9tqy1tOrMvMrt5Q==
via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/
2 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.216.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-19.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:16 GMT
last-modified
Wed, 14 Oct 2020 08:08:54 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1602663155.580665"
status
200
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
cookie
CheetahStaging=true
accept-ranges
bytes
timing-allow-origin
*
content-length
2326
expires
Sun, 13 Dec 2020 13:06:16 GMT
vpts.js
static.vidazoo.com/basev/
40 KB
11 KB
Script
General
Full URL
https://static.vidazoo.com/basev/vpts.js
Requested by
Host: libs.outbrain.com
URL: https://libs.outbrain.com/vidget/vidget.js?e=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
cd8eb12655a8ddceb0cf2d593f6bb77a9b7fc22f3c96dce4ed400046564cdf2e

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Apr 2020 12:07:11 GMT
ETag
"1586174831"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=65265
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
10246
X-HW
1605272777.dop210.pa1.t,1605272777.cds230.pa1.shn,1605272777.cds230.pa1.c
json
server7.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/
49 KB
25 KB
XHR
General
Full URL
https://server7.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/json
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vpts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.138.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2c3954a349b04ba154e9e326ea76cd19bc6613309e58af1d0aff07de557cea8b

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

Date
Fri, 13 Nov 2020 13:06:18 GMT
Content-Encoding
gzip
Server
Cowboy
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://t3n.de
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
Content-Length
25174
Via
1.1 vegur
json
server7.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/ Frame
0
0
Other
General
Full URL
https://server7.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/json
Protocol
HTTP/1.1
Server
54.243.138.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://t3n.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Connection
keep-alive
Access-Control-Allow-Origin
https://t3n.de
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
Date
Fri, 13 Nov 2020 13:06:17 GMT
Content-Length
0
Via
1.1 vegur
sbt.js
static.vidazoo.com/basev/1.0.434/
557 KB
116 KB
Script
General
Full URL
https://static.vidazoo.com/basev/1.0.434/sbt.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vpts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
8f55aa9fb456dd801b75207e67407ad79094a4635556880bd9404c449ad36418

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:18 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Oct 2020 10:56:08 GMT
ETag
"1601808968"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=29838
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
118121
X-HW
1605272777.dop210.pa1.t,1605272778.cds230.pa1.shn,1605272778.dop210.pa1.t,1605272778.cds224.pa1.c
settings.txt
static.vidazoo.com/basev/
11 KB
8 KB
XHR
General
Full URL
https://static.vidazoo.com/basev/settings.txt
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.434/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b804261161e0a62d2f78bbc1484a2e50088aaa0e85e21ab754c840204f24698f

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Nov 2020 03:56:18 GMT
ETag
"1605153378"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=82578
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
text/plain
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
7265
X-HW
1605272778.dop205.pa1.t,1605272778.cds219.pa1.shn,1605272778.dop205.pa1.t,1605272778.cds029.pa1.c
outbrain.js
static.vidazoo.com/basev/skins/outbrain/
71 KB
20 KB
Script
General
Full URL
https://static.vidazoo.com/basev/skins/outbrain/outbrain.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.434/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
3f006dec88c65732acad8ea71a9bcc6be450a360567eccc8174da37df54c6038

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Apr 2020 12:23:25 GMT
ETag
"1586175805"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=30486
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
19996
X-HW
1605272777.dop210.pa1.t,1605272778.cds230.pa1.shn,1605272778.dop210.pa1.t,1605272778.cds224.pa1.c
28dfa12e-ba43-4b6a-8cd6-3c8eca16cdcd
https://t3n.de/
1 KB
0
Other
General
Full URL
blob:https://t3n.de/28dfa12e-ba43-4b6a-8cd6-3c8eca16cdcd
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee441245ef85f538030acf5e534d1cf2664c18289cec8cc0d84656ffb0e0a95d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
1205
blank.mp4
static.vidazoo.com/basev/
891 B
2 KB
Media
General
Full URL
https://static.vidazoo.com/basev/blank.mp4
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c957adaf4326a8636ad68fc78acb194b96b34bbeba09daf6b36c74975ac37d21

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 13 Nov 2020 13:06:18 GMT
Content-Range
bytes 0-890/891
Last-Modified
Mon, 06 Apr 2020 12:07:11 GMT
ETag
"1586174831"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=11465
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
video/mp4
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
891
X-HW
1605272777.dop210.pa1.t,1605272778.cds230.pa1.shn,1605272778.dop210.pa1.t,1605272778.cds224.pa1.c
7d56b894-e947-455e-a054-b7287d010cfb
https://t3n.de/
1 KB
0
Other
General
Full URL
blob:https://t3n.de/7d56b894-e947-455e-a054-b7287d010cfb
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e920612ce29a3290fc2edbaab7647470f21dda35cc1a350f9b8b362fc4d3ebe

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
1515
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e38335b8da3a11b4a278e7572f99a3990da81b9764b7526bd7b69ec0c6a57c84

Request headers

Origin
https://t3n.de
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
prebid.js
static.vidazoo.com/basev/1.0.434/prebid/ Frame C49A
374 KB
116 KB
Script
General
Full URL
https://static.vidazoo.com/basev/1.0.434/prebid/prebid.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.434/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ad90a2f9bbe8d35f350e16eceeb0b7c49fe853cc52a32a62c9fc2fc84bcab9bd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:18 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Oct 2020 10:56:08 GMT
ETag
"1601808968"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=29838
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
118014
X-HW
1605272777.dop210.pa1.t,1605272778.cds230.pa1.shn,1605272778.dop210.pa1.t,1605272778.cds224.pa1.c
5e369b45879a340004f7e9e3.mp4
inventory.vidazoo.com/5a9ea5a0225f7d0004c70045/5e369b45879a340004f7e9e3/
10 KB
11 KB
Media
General
Full URL
https://inventory.vidazoo.com/5a9ea5a0225f7d0004c70045/5e369b45879a340004f7e9e3/5e369b45879a340004f7e9e3.mp4
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
0d3e39f8fc8dd7dbd323f99696f9e553dc774af283e7ba37d4684eee6d6f0809

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 13 Nov 2020 13:06:18 GMT
Last-Modified
Sun, 02 Feb 2020 09:52:17 GMT
Access-Control-Allow-Origin
*
ETag
"1580637137"
X-HW
1605272778.dop206.pa1.t,1605272778.cds006.pa1.shn,1605272778.cds006.pa1.c
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Range
bytes 0-10410/10411
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
public, max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
video/mp4
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
10411
translator
hbopenbid.pubmatic.com/ Frame C49A
0
53 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.434/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 13 Nov 2020 13:06:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://t3n.de
translator
hbopenbid.pubmatic.com/ Frame C49A
0
53 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.434/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 13 Nov 2020 13:06:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://t3n.de
translator
hbopenbid.pubmatic.com/ Frame C49A
0
53 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.434/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 13 Nov 2020 13:06:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://t3n.de
avjp
outbrain-d.openx.net/v/1.0/ Frame C49A
92 B
393 B
XHR
General
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=7f0a418a-a073-4146-a773-1ebdde671822&nocache=1605272778732&gdpr=0&schain=1.0%2C1!outbrain.com%2C0004bc484debb11ce906fab7646424dd92%2C1%2C%2C%2C&auid=540979540&vwd=618&vht=556&vos=101
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.434/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.197.0 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 13:06:18 GMT
via
1.1 google
server
OXGW/16.197.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://t3n.de
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame C49A
0
0
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=OutbrainHB
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.434/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.15.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://t3n.de
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
aniview.js
player.aniview.com/script/6.1/
24 KB
9 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: libs.outbrain.com
URL: https://libs.outbrain.com/vidget/vidget.js?e=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:4bc::2c79 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
UploadServer /
Resource Hash
e48b41194e160d21995423b168df29c00140d84105e6907bba5d4522150e3213

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:18 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UxQ9YE6HoUF317ERBEDay-AjEySfHkFsMx4fh1TfmE8NryDCZh8RvUFiOyIHIkqcKI0sutHF8Yu34wf1Bac37sSpvMU_Q
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
8922
last-modified
Thu, 12 Nov 2020 09:19:08 GMT
server
UploadServer
etag
"7b422a23d6bd9578019e2d6ac6b0c477"
vary
Accept-Encoding
x-goog-hash
crc32c=S4DDDw==, md5=e0IqI9a9lXgBni1qxrDEdw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1605172748941738
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
8922
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 13 Nov 2020 13:11:18 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame B013
336 KB
99 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:4bc::2c79 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
UploadServer /
Resource Hash
d2cf7fc7c2768f9e0ea08dab28a574b2636e4e7745589dcaa02feceba2717538

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:18 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UxDGGujJVDww_BPdUO7djUwdhYkxxYz43uRbVct8gYsV7ftwRLSawdGboy4upXJxX3vAWcl3iv2dFqFT28OKeaz7I8a6Q
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
100606
last-modified
Thu, 12 Nov 2020 09:18:58 GMT
server
UploadServer
etag
"45039cb3783518468d30b2e79d518f44"
vary
Accept-Encoding
x-goog-hash
crc32c=zt8ylQ==, md5=RQOcs3g1GEaNMLLnnVGPRA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1605172738410538
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
100606
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 13 Nov 2020 13:11:18 GMT
track
track1.aniview.com/ Frame B013
0
71 B
Image
General
Full URL
https://track1.aniview.com/track?r=t3n.de&sn=3994&cd1=AR_1&cd2=no_abtest&cd3=6701667&cd4=footerundefined&ic=0&tgt=0&app=&wi=617&he=556&test=&apppkg=&fv=3&proto=https&pid=58a5addb28a0612d3529bc5e&cid=5b815a8c073ef40d3353bdef&e=inventory&vi=0&cb=1605272778998
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.229.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 13 Nov 2020 13:06:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
observe.aniview.com/api/adserver/tag/ Frame B013
8 KB
2 KB
XHR
General
Full URL
https://observe.aniview.com/api/adserver/tag/?AV_SUBID=3994&AV_CDIM1=AR_1&AV_UID=a335ed066c82a43430a2a42ee5ad1904&AV_CDIM2=no_abtest&AV_CDIM3=6701667&AV_CDIM4=footerundefined&AV_SCHAIN=1.0%2C1!outbrain.com%2C0000000000000000000000000000000000%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&AV_CHANNELID=5b815a8c073ef40d3353bdef&format=json&tgt=0&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=t3n.de&AV_DADPOS=3&v=6.1.1.243&avtoken=778998&AV_WIDTH=617&AV_HEIGHT=556&cb=1605272779010
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.228.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
18b608317682ff644afb5b064702c769e52a0c50530da0da15bf6ffac97bd7c6

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:19 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://t3n.de
cache-control
no-cache
access-control-allow-credentials
true
expires
Sun, 01 Nov 2020 23:19:39 GMT
truncated
/
480 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
translator
hbopenbid.pubmatic.com/
0
53 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 13 Nov 2020 13:06:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://t3n.de
cygnus
as-sec.casalemedia.com/
23 B
997 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=438316&v=8.1&r=%7B%22id%22%3A%221605272779415%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221605272779415%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438316%22%2C%22sid%22%3A%22617x556%22%7D%2C%22video%22%3A%7B%22skippable%22%3Afalse%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A617%2C%22h%22%3A556%2C%22placement%22%3A4%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22sid%22%3A%220000000000000000000000000000000000%22%2C%22asi%22%3A%22outbrain.com%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D&ac=j&sd=1&nf=1&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
be3e06714056c4fa93aab105ba99445d77f55984409aa9448674529b053d9394

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:19 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://t3n.de
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
43
Expires
Fri, 13 Nov 2020 13:06:19 GMT
257438
search.spotxchange.com/openrtb/2.3/dados/
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/257438
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 13 Nov 2020 13:06:19 GMT
X-SpotX-Timing-Transform
0.000938
X-SpotX-Timing-SpotMarket
0.006508
X-SpotX-Timing-Page-Mux
0.001071
X-SpotX-Timing-Page-Require
0.000484
X-fe
010
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000029
X-SpotX-Timing-Page
0.013525
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000302
Last-Modified
Fri, 13 Nov 2020 13:06:19 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006508
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://t3n.de
X-SpotX-Timing-Page-Misc
0.004178
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
53 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 13 Nov 2020 13:06:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://t3n.de
openrtb
ads.adaptv.advertising.com/rtb/
0
207 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=OutbrainHB
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.15.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://t3n.de
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
track
track1.aniview.com/ Frame B013
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=t3n.de&rs=t3n.de&sid=72633&t=1605272779&cip=185.156.175.107&sn=3994&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=617&he=556&app=&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&test=&aafaid=&proto=https&uid=1605272779336-950072595250-020218-004-008571&imid=f8ba20ce8655d39ba07dd1748f2df5bc92969046311723150163&cha=0.7&cb=24753546723&cd3=6701667&cd4=footerundefined&cd1=AR_1&cd2=no_abtest&d9=0000&AV_WIDTH=617&AV_HEIGHT=556&nid=58a5addb28a0612d3529bc5e&ncid=5b815a8c073ef40d3353bdef&e=request&cb=1605272779418&asid=5def713128a0610c6d24fef4%2C5df9036f28a0610bf05d287c%2C5cd836dc073ef42bef4623d7%2C5fad3ac0d4902d70c27edaae%2C5e28b80628a06101d714b517&ofpr=2.5%2C2%2C3%2C4.6%2C2.1&fpo=%2C%2C%2C%2C
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.229.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 13 Nov 2020 13:06:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
sync
ups.analytics.yahoo.com/ups/57304/ Frame B013
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_sc=&google_tc=
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEFiuwQMOgyXRDPGchgsCkIU&google_cver=1
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEFiuwQMOgyXRDPGchgsCkIU&google_cver=1&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFiuwQMOgyXRDPGchgsCkIU&google_cver=1&apid=UP0572ca5f-25b1-11eb-ac54-06cba1e117e2
0
976 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFiuwQMOgyXRDPGchgsCkIU&google_cver=1&apid=UP0572ca5f-25b1-11eb-ac54-06cba1e117e2
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:19 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status
302
date
Fri, 13 Nov 2020 13:06:19 GMT
location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFiuwQMOgyXRDPGchgsCkIU&google_cver=1&apid=UP0572ca5f-25b1-11eb-ac54-06cba1e117e2
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
%7Bcombo_uid%7D
pr-bh.ybp.yahoo.com/sync/adaptv_ortb/ Frame B013
43 B
572 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/adaptv_ortb/%7Bcombo_uid%7D
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:19 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
status
200
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55986/ Frame B013
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=X66EywAAAKlI0Czr&_origin=0&gdpr=0&gdpr_consent=&_test=X66EywAAAKlI0Czr
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=X66EywAAAKlI0Czr&_origin=0&gdpr=0&gdpr_consent=&_test=X66EywAAAKlI0Czr&apid=UP0572ca5f-25b1-11eb-ac54-06cba1e117e2
0
986 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=X66EywAAAKlI0Czr&_origin=0&gdpr=0&gdpr_consent=&_test=X66EywAAAKlI0Czr&apid=UP0572ca5f-25b1-11eb-ac54-06cba1e117e2
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 13:06:19 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status
302
date
Fri, 13 Nov 2020 13:06:19 GMT
location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=X66EywAAAKlI0Czr&_origin=0&gdpr=0&gdpr_consent=&_test=X66EywAAAKlI0Czr&apid=UP0572ca5f-25b1-11eb-ac54-06cba1e117e2
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
pixel.advertising.com/ups/55953/ Frame B013
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://pixel.advertising.com/ups/55953/sync?uid=ec128f23-f1d1-4c69-972f-bb4ec3b3eb5a&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=ec128f23-f1d1-4c69-972f-bb4ec3b3eb5a
0
124 B
Image
General
Full URL
https://pixel.advertising.com/ups/55953/sync?uid=ec128f23-f1d1-4c69-972f-bb4ec3b3eb5a&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=ec128f23-f1d1-4c69-972f-bb4ec3b3eb5a
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.10.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
date
Fri, 13 Nov 2020 13:06:19 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Fri, 13 Nov 2020 13:06:19 GMT
x-aspnet-version
4.0.30319
status
302
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.advertising.com/ups/55953/sync?uid=ec128f23-f1d1-4c69-972f-bb4ec3b3eb5a&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=ec128f23-f1d1-4c69-972f-bb4ec3b3eb5a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
369
showad.js
ads.pubmatic.com/AdServer/js/ Frame E281
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.68 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-68.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=139949
Expires
Sun, 15 Nov 2020 03:58:48 GMT
Date
Fri, 13 Nov 2020 13:06:19 GMT
Connection
keep-alive
Vary
Accept-Encoding
cygnus
as-sec.casalemedia.com/
23 B
990 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=438316&v=8.1&r=%7B%22id%22%3A%221605272779686%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221605272779686%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438316%22%2C%22sid%22%3A%22617x556%22%7D%2C%22video%22%3A%7B%22skippable%22%3Afalse%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A617%2C%22h%22%3A556%2C%22placement%22%3A4%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22sid%22%3A%220000000000000000000000000000000000%22%2C%22asi%22%3A%22outbrain.com%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D&ac=j&sd=1&nf=1&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
280d54a555d775010e289b74dc10f4426ceac186c3b396db9d733873d0bbd4aa

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:19 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://t3n.de
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
43
Expires
Fri, 13 Nov 2020 13:06:19 GMT
257438
search.spotxchange.com/openrtb/2.3/dados/
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/257438
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 13 Nov 2020 13:06:19 GMT
X-SpotX-Timing-Transform
0.000268
X-SpotX-Timing-SpotMarket
0.005153
X-SpotX-Timing-Page-Mux
0.000758
X-SpotX-Timing-Page-Require
0.000296
X-fe
096
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000023
X-SpotX-Timing-Page
0.009271
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000260
Last-Modified
Fri, 13 Nov 2020 13:06:19 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005153
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://t3n.de
X-SpotX-Timing-Page-Misc
0.002504
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
track1.aniview.com/ Frame B013
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=OSX&r=t3n.de&rs=t3n.de&sid=72633&t=1605272779&cip=185.156.175.107&sn=3994&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=617&he=556&app=&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&test=&aafaid=&proto=https&uid=1605272779336-950072595250-020218-004-008571&imid=f8ba20ce8655d39ba07dd1748f2df5bc92969046311723150163&cha=0.7&cb=24753546723&cd3=6701667&cd4=footerundefined&cd1=AR_1&cd2=no_abtest&d9=0000&AV_WIDTH=617&AV_HEIGHT=556&nid=58a5addb28a0612d3529bc5e&ncid=5b815a8c073ef40d3353bdef&e=request&cb=1605272779687&asid=5df9036f28a0610bf05d287c%2C5cd836dc073ef42bef4623d7&ofpr=2%2C3&fpo=%2C
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.229.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 13 Nov 2020 13:06:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
get
odb.outbrain.com/utils/
7 KB
3 KB
Script
General
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&srcUrl=https%3A%2F%2Ft3n.de%2Frss.xml&idx=101&rand=96536&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=vjapi&rtbEnabled=true&lsd=714c46d3-bd43-414b-9b8a-2d2801626e72&lsdt=1605272767854&pdobuid=-1&t=YTMzNWVkMDY2YzgyYTQzNDMwYTJhNDJlZTVhZDE5MDQ=&adblck=false&abwl=false&feedVersion=1&settingLevel=TEMPLATE&servePc=true&maxNumAds=1&num=1&maxNumOrganicRecs=0&playerLocation=inWidget&recMode=odb_video&videoWidth=618&videoHeight=556&videoPlaybackMethod=autoPlay&pauseOutOfView=false&videoBidFloor=3&settings=true&recs=true&version=2000118&sig=uK3PZ7q2&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f90031cf181892d7518e62a07c0e4cce63621414b38615e5ff87c3f60fb5d344

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:20 GMT
content-encoding
gzip
traffic-path
CHIDC2, MDW, FRA, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status
200
x-cache-hits
0, 0
x-traceid
eb3c9913f13581750c6d805ab778273d
content-length
2799
x-served-by
cache-mdw17364-MDW, cache-fra19146-FRA
pragma
no-cache
x-timer
S1605272780.811929,VS0,VE313
vary
Accept-Encoding, User-Agent
content-type
text/x-json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
backend-ip
157.52.75.64
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
l
mcdp-chidc2.outbrain.com/
2 B
292 B
XHR
General
Full URL
https://mcdp-chidc2.outbrain.com/l?token=114ce9d52a71165299d0a03d32f6416c_3994_1605272780065&tm=12942&eT=0&wRV=2000118&pVis=0&lsd=714c46d3-bd43-414b-9b8a-2d2801626e72&eIdx=&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.159 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Fri, 13 Nov 2020 13:06:20 GMT
content-encoding
gzip
X-TraceId
f800721583bdf05e769d04d994e34a84
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
tag
a.teads.tv/page/88682/
7 KB
2 KB
Script
General
Full URL
https://a.teads.tv/page/88682/tag
Requested by
Host: libs.outbrain.com
URL: https://libs.outbrain.com/vidget/vidget.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
10ff0a69a54ebd79fb41ca2670f77a4a0de3d1ccc65aa1c6c4d6df273abafe81

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:20 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
1849
expires
Fri, 13 Nov 2020 14:06:20 GMT
teads-format.min.js
s8t.teads.tv/media/format/v3/
705 KB
189 KB
Script
General
Full URL
https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/88682/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:596::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
5143ae1bddc7262466e53ea8b927f3f366e906e21f0f805a22e477039fe34428

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:20 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
F84335EA07356415
status
200
content-length
192348
x-amz-id-2
QCZos1y8bjmI9AAHcRr/7VMyTPN3X9JzCwgHOwA4wWi6DPN28+HjnTNbC04fRht8Xwwv2wNqbNo=
last-modified
Thu, 12 Nov 2020 16:30:07 GMT
etag
"28908097abb52b93de6b1a842c3f5a07"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials
false
x-bucket
6
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 13 Nov 2020 13:36:20 GMT
track
t.teads.tv/
23 B
143 B
Image
General
Full URL
https://t.teads.tv/track?action=debug-bts&fv=609&ts=1605272780334&env=js-web&pageId=88682&pid=95993&auctid=2f0fee26-931c-4a61-b73c-c8166e019a64&f=1&debug_metadata=wb&referer=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.57.75 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 13 Nov 2020 13:06:20 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Sat, 26 Jul 1997 05:00:00 GMT
track
t.teads.tv/
23 B
143 B
Image
General
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=2f0fee26-931c-4a61-b73c-c8166e019a64&pageId=88682&pid=95993&fv=609&ts=1605272780337&f=1&referer=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.57.75 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 13 Nov 2020 13:06:20 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Sat, 26 Jul 1997 05:00:00 GMT
track
t.teads.tv/
23 B
143 B
Image
General
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=2f0fee26-931c-4a61-b73c-c8166e019a64&pageId=88682&pid=95993&slot=native&fv=609&ts=1605272780349&f=1&referer=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.57.75 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 13 Nov 2020 13:06:20 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Sat, 26 Jul 1997 05:00:00 GMT
ad
a.teads.tv/page/88682/
485 B
653 B
XHR
General
Full URL
https://a.teads.tv/page/88682/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Ft3n.de%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F&page=%7B%22id%22%3A88682%2C%22placements%22%3A%5B%7B%22id%22%3A95993%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A618%2C%22height%22%3A348%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%7D&auctid=2f0fee26-931c-4a61-b73c-c8166e019a64&formatVersion=2.22.61&env=js-web&netBw=9.4&ttfb=40
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe49736efe6fe9434d255369c1e4b2ae31a3fa524c12f1dfc06c8f8362fbac8b

Request headers

Accept
application/json; charset=UTF-8
Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 13:06:20 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://t3n.de
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
338
expires
Fri, 13 Nov 2020 13:06:20 GMT
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1605272780354&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1605272780354&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...
43 B
589 B
Image
General
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1605272780354&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=30176012&cs_ucfr=&cs_ak_ss=1
Requested by
Host: t3n.de
URL: https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-19-34-195.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:20 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1605272780354&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=30176012&cs_ucfr=&cs_ak_ss=1
Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:20 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 58B9
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=t3n.de
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=t3n.de
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
510
date
Fri, 13 Nov 2020 13:06:31 GMT
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8eb8ab73df31fdd561d3f9c3892b064ad93a635d461a2441cbf87bac80d3286e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 13:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6368
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 13:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Fri, 13 Nov 2020 13:06:32 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 158D
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4867
date
Fri, 13 Nov 2020 12:47:21 GMT
expires
Sat, 13 Nov 2021 12:47:21 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1151
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
tt.onthe.io/
0
287 B
XHR
General
Full URL
https://tt.onthe.io/?k[]=43265:uniques_instantly[domain:t3n.de,url:%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F,page:Digitale%20Erpressung%3A%20Bekannte%20Ransomware-Gruppe%20will%20angeblich%20aufh%C3%B6ren,author:Kim%20Rixecker,language:de,platform:Seite,category:Software%20%26%20Infrastruktur,type_article:News,pub_date:2020-11-03T11%3A06%3A17.000Z,user_status:nologin,reference_time:143,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36,device:desktop,browser_version:Other%2083,browser:Other,depth:1,user_type:new,user_id:67b0422ff.68c96a6a8_1605272792644,session_id:74b604f79.df0d2b86e_1605272792646,cdn_version:1]&s=88ef59e8db6e67a32e37131497930e31&1605272792656
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/8sB8pXMRw82t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.24.148 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.24.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:32 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/
0
287 B
XHR
General
Full URL
https://tt.onthe.io/?k[]=43265:visits_instantly[domain:t3n.de,url:%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F,page:Digitale%20Erpressung%3A%20Bekannte%20Ransomware-Gruppe%20will%20angeblich%20aufh%C3%B6ren,author:Kim%20Rixecker,language:de,platform:Seite,category:Software%20%26%20Infrastruktur,type_article:News,pub_date:2020-11-03T11%3A06%3A17.000Z,user_status:nologin,reference_time:143,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36,device:desktop,browser_version:Other%2083,browser:Other,depth:1,user_type:new,user_id:67b0422ff.68c96a6a8_1605272792644,session_id:74b604f79.df0d2b86e_1605272792646,cdn_version:1]&s=88ef59e8db6e67a32e37131497930e31&__io=67b0422ff.68c96a6a8_1605272792644&1605272792663
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/8sB8pXMRw82t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.24.148 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.24.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:32 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/
0
287 B
XHR
General
Full URL
https://tt.onthe.io/?k[]=43265:pageviews[domain:t3n.de,url:%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F,page:Digitale%20Erpressung%3A%20Bekannte%20Ransomware-Gruppe%20will%20angeblich%20aufh%C3%B6ren,author:Kim%20Rixecker,language:de,platform:Seite,category:Software%20%26%20Infrastruktur,type_article:News,pub_date:2020-11-03T11%3A06%3A17.000Z,user_status:nologin,reference_time:143,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36,device:desktop,browser_version:Other%2083,browser:Other,depth:1,user_type:new,user_id:67b0422ff.68c96a6a8_1605272792644,session_id:74b604f79.df0d2b86e_1605272792646,cdn_version:1]&s=88ef59e8db6e67a32e37131497930e31&1605272792667
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/8sB8pXMRw82t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.24.148 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.24.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:32 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/
0
287 B
XHR
General
Full URL
https://tt.onthe.io/?k[]=43265:time[url:%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F,cdn_version:1]&s=88ef59e8db6e67a32e37131497930e31&1605272792670
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/8sB8pXMRw82t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.24.148 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.24.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:32 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/
0
287 B
XHR
General
Full URL
https://tt.onthe.io/?k[]=43265:time[url:%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F,cdn_version:1]&s=88ef59e8db6e67a32e37131497930e31&1605272792674
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/8sB8pXMRw82t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.24.148 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.24.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:32 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
598 B
Image
General
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 13:06:32 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
status
204
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/
0
54 B
Other
General
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4000:811::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 13:06:33 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
status
204
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
tt.onthe.io/
0
287 B
XHR
General
Full URL
https://tt.onthe.io/?k[]=43265:time[url:%2Fnews%2Fmaze-ransomware-gruppe-erpressung-1332843%2F,cdn_version:1]&s=88ef59e8db6e67a32e37131497930e31&1605272797146
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/8sB8pXMRw82t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.24.148 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.24.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Nov 2020 13:06:37 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT

259 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| gtmPageConfig object| dataLayer function| onSponsoredClick string| szmvars object| iom object| _paq string| Ads_BA_ADIDsite string| Ads_BA_ADIDsection string| Ads_BA_keyword boolean| Ads_BA_Mobile string| Ads_BA_ADIDlibInfo boolean| Ads_BA_doparsethis string| Ads_BA_Block string| Ads_BA_catEx string| Ads_BA_ADIDnetworkprefix object| Ads_BA_del string| Ads_BA_ADIDfullsite object| Ads_BA_ADIDlib object| Ads_BA_AD_V object| Ads_BAcx object| Ads_BAcy object| Ads_BAbw string| Ads_BA_W_site string| Ads_BA_W_ref function| Ads_BA_init_sizes function| Ads_BA_AD function| Ads_BA_init function| Ads_BA_prepare function| Ads_BA_sz_set function| Ads_BA_urlparams function| Ads_BA_mvs function| Ads_BA_nal function| Ads_BA_anzhide function| Ads_BA_pagesize function| pbjsChunk object| pbjs object| _pbjsGlobals object| googletag object| ggeac object| google_js_reporting_queue object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| Typekit object| google_tag_manager function| fbq function| _fbq object| _gscq object| scriptElement function| __d3lUW8vwsKlB__ object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing boolean| apstagLOADED object| apstag object| Criteo object| iam_data function| gscwidgets object| default_ContributorServingLoaderClientJs object| googlefc function| __Y9uNstf385Zx__ object| __fcInternalApiManager object| Zjg3MGQwMjI1MmY5M2M3MWxvYWRlcl9qcw== string| 
Zjg3MGQwMjI1MmY5M2M3MWNhY2hlZF9qcw== string| __fcInvoked boolean| __fcInternalApiPostMessageReady function| setImmediate function| clearImmediate number| __cleverPushSdkLoadCount object| CleverPush object| __io object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater number| ao_cpc_visit_ts boolean| ao_isSL boolean| ao_isST boolean| ao_isLB boolean| ao_isNF boolean| ao_st_marker boolean| ao_sl_marker_active string| ao_sl_marker object| ao_sl_marker_tld_list string| ao_sl_marker_info_class string| ao_sl_marker_ignore_class string| ao_sl_ignore_class string| ao_sl_marker_class string| ao_unlinklist string| ao_query string| ao_subid object| ao_sl_sec string| ao_ex_el string| ao_blacklist string| ao_whitelist object| ao_stw boolean| ao_isIE boolean| ao_gf number| ao_gg object| AO_MARKER_CHECK_RESULT boolean| ao_gi object| ao_aB object| ao_aBU number| x object| ao_uL undefined| ao_uLU object| ao_aW boolean| ao_abpc number| ao_gb function| ao_gc function| ao_fc function| ao_fd function| ao_fe function| ao_ff function| ao_fk function| ao_fq function| ao_fp function| ao_fi function| ao_fj number| ao_reuri function| rdm number| ao_gh function| ao_ge function| ao_gd function| ao_fs object| default_ContributorServingDetectionClientJs function| __45zy51t9ik3m__ function| _typeof function| _toConsumableArray function| _await function| _async function| _catch function| _rethrow function| _finallyRethrows function| _call function| _empty function| _continueIgnored function| tns object| _self object| Prism object| expandWrapper object| collapseButton function| externalLinks object| variants number| randomNumber object| infoBox object| openModal object| modal object| html function| setSticky function| setStickyTagBar number| textAdPlus object| textAdPlusHide string| hash string| hashString string| comment string| commentString function| Cookies string| userAgent string| userPlatform object| userDevices boolean| isTablet undefined| 
mobileTemplate object| __twttrll object| twttr object| __twttr function| __$PP object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| criteo_pubtag string| VIDGET_VERSION function| OB_VidgetServiceCallBack number| vidgetServiceInstance function| OB_VidgetServiceCallBack0 object| OB_VIDGET function| OB_VidgetAuditCallback boolean| f6ab8080-5383-4116-8907-0fda503f274c number| google_srt object| _google_rum_ns_ object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__ object| Ads_BA_vp object| raw_sizes number| q object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| stroeerCore object| vdz function| webpackJsonpbpwt16ox8xz object| vidazoo object| Vidiazoo function| avPlayer object| storageAni object| teadsscript object| teads object| teadsObj0 object| pagedata string| IO_date string| IO_currentURL string| IO_canonical string| IO_Author string| IO_Section string| IO_Status object| _io_config undefined| google_rum_values object| GoogleGcLKhOms object| google_image_requests

0 Cookies

16 Console Messages

Source Level URL
Text
console-api warning URL: https://static.cleverpush.com/channel/loader/fEdeZH2RfgRTdnXh6.js(Line 1)
Message:
[CleverPush][HOST] Browser is not supported.
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701(Line 6)
Message:
GPT synchronous rendering is no longer supported, ads will be requested and rendered asynchronously. See https://support.google.com/admanager/answer/9212594 for more details.
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701(Line 6)
Message:
GPT synchronous rendering is no longer supported, ads will be requested and rendered asynchronously. See https://support.google.com/admanager/answer/9212594 for more details.
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js?21068701(Line 6)
Message:
GPT synchronous rendering is no longer supported, ads will be requested and rendered asynchronously. See https://support.google.com/admanager/answer/9212594 for more details.
console-api info URL: https://cdn.ampproject.org/rtv/232010270040000/amp4ads-v0.mjs(Line 9)
Message:
Powered by AMP ⚡ HTML – Version 2010270040000 https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
console-api error URL: https://cdn.ampproject.org/rtv/232010270040000/amp4ads-v0.mjs(Line 1)
Message:
[amp-story-auto-ads:ui] Both CTA Type & CTA Url are required in ad response.
console-api info URL: https://cdn.ampproject.org/rtv/232010270040000/amp4ads-v0.mjs(Line 9)
Message:
Powered by AMP ⚡ HTML – Version 2010270040000 https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
console-api error URL: https://cdn.ampproject.org/rtv/232010270040000/amp4ads-v0.mjs(Line 1)
Message:
[amp-story-auto-ads:ui] Both CTA Type & CTA Url are required in ad response.
console-api info URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9)
Message:
Powered by AMP ⚡ HTML – Version 2010270040000 https://t3n.de/news/maze-ransomware-gruppe-erpressung-1332843/
console-api log (Line 8)
Message:
YzVkN2Mw FLB
console-api log (Line 9)
Message:
250
console-api log (Line 10)
Message:
970
console-api log (Line 8)
Message:
YzVkODQw BS
console-api log (Line 9)
Message:
90
console-api log (Line 10)
Message:
728
console-api warning URL: https://static.vidazoo.com/basev/1.0.434/prebid/prebid.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
