urlscan.io logo urlscan.io
SecurityTrails logo

mrhacker.co Open in urlscan Pro
172.67.199.92  Public Scan

Go To Rescan Add Verdict Report
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-deman...
Submission: On September 10 via api from GB — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 65 IPs in 7 countries across 60 domains to perform 230 HTTP transactions. The main IP is 172.67.199.92, located in United States and belongs to CLOUDFLARENET, US. The main domain is mrhacker.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2021. Valid for: a year.
This is the only time mrhacker.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
35 172.67.199.92 13335 (CLOUDFLAR...)
6 142.250.74.98 15169 (GOOGLE)
2 142.250.74.138 15169 (GOOGLE)
2 104.18.10.207 13335 (CLOUDFLAR...)
2 216.58.207.232 15169 (GOOGLE)
1 192.0.73.2 2635 (AUTOMATTIC)
1 192.124.249.55 30148 (SUCURI-SEC)
13 192.229.233.25 15133 (EDGECAST)
9 173.255.249.236 63949 (LINODE-AP...)
3 151.101.112.134 54113 (FASTLY)
3 172.67.198.237 13335 (CLOUDFLAR...)
24 213.239.209.209 24940 (HETZNER-AS)
4 142.250.74.131 15169 (GOOGLE)
5 142.250.74.2 15169 (GOOGLE)
23 99.86.116.33 16509 (AMAZON-02)
8 151.101.192.134 54113 (FASTLY)
4 142.250.74.142 15169 (GOOGLE)
1 216.58.211.2 15169 (GOOGLE)
3 5 142.250.74.66 15169 (GOOGLE)
1 104.21.57.135 13335 (CLOUDFLAR...)
1 172.67.213.203 13335 (CLOUDFLAR...)
1 172.67.208.52 13335 (CLOUDFLAR...)
1 104.21.88.2 13335 (CLOUDFLAR...)
1 104.21.64.18 13335 (CLOUDFLAR...)
1 104.21.4.127 13335 (CLOUDFLAR...)
1 104.21.25.241 13335 (CLOUDFLAR...)
1 104.21.69.42 13335 (CLOUDFLAR...)
1 104.21.235.51 13335 (CLOUDFLAR...)
1 172.67.137.143 13335 (CLOUDFLAR...)
1 172.67.213.190 13335 (CLOUDFLAR...)
1 172.67.130.190 13335 (CLOUDFLAR...)
1 172.67.147.50 13335 (CLOUDFLAR...)
1 104.21.17.100 13335 (CLOUDFLAR...)
1 172.67.164.36 13335 (CLOUDFLAR...)
1 104.244.42.72 13414 (TWITTER)
8 192.243.59.20 39572 (ADVANCEDH...)
4 12 185.94.236.245 42567 (MOJHOST-EU)
2 151.101.114.49 54113 (FASTLY)
2 185.60.216.19 32934 (FACEBOOK)
2 142.250.74.46 15169 (GOOGLE)
2 104.16.164.13 13335 (CLOUDFLAR...)
1 93.184.220.70 15133 (EDGECAST)
1 185.60.216.35 32934 (FACEBOOK)
2 142.250.74.109 15169 (GOOGLE)
4 151.101.112.64 54113 (FASTLY)
3 69.16.175.42 20446 (HIGHWINDS3)
1 185.75.253.85 48684 (VIKINGHOST)
2 172.67.188.117 13335 (CLOUDFLAR...)
1 172.217.21.163 15169 (GOOGLE)
4 66.254.122.38 29789 (REFLECTED)
1 195.85.23.226 209242 (CLOUDFLAR...)
2 104.21.65.147 13335 (CLOUDFLAR...)
1 3.233.138.195 14618 (AMAZON-AES)
2 95.211.229.245 60781 (LEASEWEB-...)
1 95.211.229.247 60781 (LEASEWEB-...)
1 172.67.209.21 13335 (CLOUDFLAR...)
1 66.254.122.19 29789 (REFLECTED)
1 2 3.120.0.34 16509 (AMAZON-02)
4 5 35.244.174.68 15169 (GOOGLE)
2 2 142.250.74.110 15169 (GOOGLE)
2 3 99.86.116.87 16509 (AMAZON-02)
1 1 63.33.81.89 16509 (AMAZON-02)
2 4 34.250.127.107 16509 (AMAZON-02)
2 2 185.33.221.90 29990 (ASN-APPNEX)
2 2 193.0.160.128 54312 (ROCKETFUEL)
1 104.21.10.141 ()
2 142.250.74.97 ()
1 142.250.74.68 ()
230 65
35    172.67.199.92 (United States)

ASN13335 (CLOUDFLARENET, US)
mrhacker.co
6    142.250.74.98 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s10-in-f2.1e100.net
pagead2.googlesyndication.com
adservice.google.com
2    142.250.74.138 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s11-in-f10.1e100.net
fonts.googleapis.com
2    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
2    216.58.207.232 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: arn09s19-in-f8.1e100.net
www.googletagmanager.com
1    192.0.73.2 (United States)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
1    192.124.249.55 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10055.sucuri.net
noticiasseguridad.com
13    192.229.233.25 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
9    173.255.249.236 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li259-236.members.linode.com
www.securitynewspaper.com
3    151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
mrhackerco.disqus.com
referrer.disqus.com
3    172.67.198.237 (United States)

ASN13335 (CLOUDFLARENET, US)
adsxyz.com
24    213.239.209.209 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 213-239-209-209.clients.your-server.de
ad.a-ads.com
static.a-ads.com
4    142.250.74.131 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s11-in-f3.1e100.net
fonts.gstatic.com
5    142.250.74.2 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s21-in-f2.1e100.net
googleads.g.doubleclick.net
23    99.86.116.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-116-33.lhr61.r.cloudfront.net
c.disquscdn.com
8    151.101.192.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
4    142.250.74.142 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s11-in-f14.1e100.net
www.google-analytics.com
fcmatch.youtube.com
1    216.58.211.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: muc03s13-in-f2.1e100.net
partner.googleadservices.com
5    142.250.74.66 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s23-in-f2.1e100.net
adservice.google.de
www.googletagservices.com
cm.g.doubleclick.net
1    104.21.57.135 (None, )

ASN13335 (CLOUDFLARENET, US)
egirlgirl.com
1    172.67.213.203 (United States)

ASN13335 (CLOUDFLARENET, US)
fapbest.com
1    172.67.208.52 (United States)

ASN13335 (CLOUDFLARENET, US)
nude-hot.com
1    104.21.88.2 (None, )

ASN13335 (CLOUDFLARENET, US)
porns.photos
1    104.21.64.18 (None, )

ASN13335 (CLOUDFLARENET, US)
clipsex.online
1    104.21.4.127 (None, )

ASN13335 (CLOUDFLARENET, US)
fappinghd.com
1    104.21.25.241 (None, )

ASN13335 (CLOUDFLARENET, US)
javbest.co
1    104.21.69.42 (None, )

ASN13335 (CLOUDFLARENET, US)
thesexscene.com
1    104.21.235.51 (None, )

ASN13335 (CLOUDFLARENET, US)
jav1080.com
1    172.67.137.143 (United States)

ASN13335 (CLOUDFLARENET, US)
pornbebes.com
1    172.67.213.190 (United States)

ASN13335 (CLOUDFLARENET, US)
sex4viet.com
1    172.67.130.190 (United States)

ASN13335 (CLOUDFLARENET, US)
xdultchannel.com
1    172.67.147.50 (United States)

ASN13335 (CLOUDFLARENET, US)
null88.com
1    104.21.17.100 (None, )

ASN13335 (CLOUDFLARENET, US)
phancongkhanh.com
1    172.67.164.36 (United States)

ASN13335 (CLOUDFLARENET, US)
tongdongkhue.com
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
8    192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
www.effectivedisplayformat.com
12    185.94.236.245 (Netherlands)

ASN42567 (MOJHOST-EU, NL)
poweredby.jads.co
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
a.disquscdn.com
2    185.60.216.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net
connect.facebook.net
2    142.250.74.46 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s22-in-f14.1e100.net
apis.google.com
2    104.16.164.13 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.viglink.com
1    93.184.220.70 (London, United Kingdom)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
1    185.60.216.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com
www.facebook.com
2    142.250.74.109 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s10-in-f13.1e100.net
accounts.google.com
4    151.101.112.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
links.services.disqus.com
glitter.services.disqus.com
3    69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net
i.jads.co
1    185.75.253.85 (Netherlands)

ASN48684 (VIKINGHOST, NL)
bngdyn.com
2    172.67.188.117 (United States)

ASN13335 (CLOUDFLARENET, US)
gamesfromheaven.com
1    172.217.21.163 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s03-in-f3.1e100.net
ssl.gstatic.com
4    66.254.122.38 (United States)

ASN29789 (REFLECTED, US)
i.bngdyn.com
1    195.85.23.226 (Czech Republic)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: net-226-23-conversasro.com
i.bimbolive.com
2    104.21.65.147 (None, )

ASN13335 (CLOUDFLARENET, US)
iadoremakingpics.com
1    3.233.138.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-138-195.compute-1.amazonaws.com
ads.traffichunt.com
2    95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
main.exdynsrv.com
main.realsrv.com
1    95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
main.exoclick.com
1    172.67.209.21 (United States)

ASN13335 (CLOUDFLARENET, US)
nextgencounter.com
1    66.254.122.19 (United States)

ASN29789 (REFLECTED, US)
v.bngdyn.com
2    3.120.0.34 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-0-34.eu-central-1.compute.amazonaws.com
venetrigni.com
yourfreecounter.com
5    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
ejp.rlcdn.com
idsync.rlcdn.com
2    142.250.74.110 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s10-in-f14.1e100.net
fcmatch.google.com
3    99.86.116.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-116-87.lhr61.r.cloudfront.net
live.rezync.com
1    63.33.81.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-81-89.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
4    34.250.127.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-127-107.eu-west-1.compute.amazonaws.com
io.narrative.io
2    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    104.21.10.141 (None, )

ASN- ()
suchenachmuschi.space
2    142.250.74.97 (None, )

ASN- ()
tpc.googlesyndication.com
1    142.250.74.68 (None, )

ASN- ()
www.google.com
Apex Domain
Subdomains		 Transfer
35 mrhacker.co
mrhacker.co
534 KB
25 disquscdn.com
c.disquscdn.com
a.disquscdn.com
814 KB
24 a-ads.com
ad.a-ads.com
static.a-ads.com
4 MB
15 jads.co
poweredby.jads.co
i.jads.co
55 KB
15 disqus.com
mrhackerco.disqus.com
disqus.com
links.services.disqus.com
glitter.services.disqus.com
referrer.disqus.com
107 KB
14 twitter.com
platform.twitter.com
syndication.twitter.com
380 KB
9 securitynewspaper.com
www.securitynewspaper.com
194 KB
8 effectivedisplayformat.com
www.effectivedisplayformat.com
8 google.com
adservice.google.com
apis.google.com
accounts.google.com
fcmatch.google.com
www.google.com
43 KB
8 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
6 KB
7 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
175 KB
6 bngdyn.com
bngdyn.com
i.bngdyn.com
v.bngdyn.com
170 KB
5 rlcdn.com
ejp.rlcdn.com
idsync.rlcdn.com
2 KB
5 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
108 KB
4 narrative.io
io.narrative.io
1 KB
3 rezync.com
live.rezync.com
3 KB
3 adsxyz.com
adsxyz.com
3 KB
2 rfihub.com
p.rfihub.com
2 KB
2 adnxs.com
ib.adnxs.com
2 KB
2 youtube.com
fcmatch.youtube.com
189 B
2 iadoremakingpics.com
iadoremakingpics.com
143 KB
2 gamesfromheaven.com
gamesfromheaven.com
3 KB
2 viglink.com
cdn.viglink.com
530 B
2 facebook.net
connect.facebook.net
68 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 googletagmanager.com
www.googletagmanager.com
89 KB
2 bootstrapcdn.com
netdna.bootstrapcdn.com
84 KB
2 googleapis.com
fonts.googleapis.com
3 KB
1 suchenachmuschi.space
suchenachmuschi.space
407 KB
1 imrworldwide.com
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
140 B
1 yourfreecounter.com
yourfreecounter.com
386 B
1 venetrigni.com
venetrigni.com
556 B
1 nextgencounter.com
nextgencounter.com
982 B
1 realsrv.com
main.realsrv.com
418 B
1 exoclick.com
main.exoclick.com
419 B
1 exdynsrv.com
main.exdynsrv.com
419 B
1 traffichunt.com
ads.traffichunt.com
617 B
1 bimbolive.com
i.bimbolive.com
10 KB
1 facebook.com
www.facebook.com
1 twimg.com
cdn.syndication.twimg.com
2 KB
1 tongdongkhue.com
tongdongkhue.com
910 B
1 phancongkhanh.com
phancongkhanh.com
920 B
1 null88.com
null88.com
932 B
1 xdultchannel.com
xdultchannel.com
1012 B
1 sex4viet.com
sex4viet.com
968 B
1 pornbebes.com
pornbebes.com
972 B
1 jav1080.com
jav1080.com
1004 B
1 thesexscene.com
thesexscene.com
1 KB
1 javbest.co
javbest.co
1 KB
1 fappinghd.com
fappinghd.com
1 KB
1 clipsex.online
clipsex.online
1 KB
1 porns.photos
porns.photos
1 KB
1 nude-hot.com
nude-hot.com
1 KB
1 fapbest.com
fapbest.com
1 KB
1 egirlgirl.com
egirlgirl.com
1 KB
1 googletagservices.com
www.googletagservices.com
27 KB
1 google.de
adservice.google.de
853 B
1 googleadservices.com
partner.googleadservices.com
657 B
1 noticiasseguridad.com
noticiasseguridad.com
31 KB
1 gravatar.com
secure.gravatar.com
3 KB
230 60
Domain Requested by
35 mrhacker.co mrhacker.co
adsxyz.com
23 c.disquscdn.com mrhackerco.disqus.com
disqus.com
c.disquscdn.com
mrhacker.co
16 ad.a-ads.com mrhacker.co
null88.com
phancongkhanh.com
tongdongkhue.com
13 platform.twitter.com mrhacker.co
platform.twitter.com
12 poweredby.jads.co 4 redirects jav1080.com
xdultchannel.com
pornbebes.com
sex4viet.com
poweredby.jads.co
9 www.securitynewspaper.com mrhacker.co
8 www.effectivedisplayformat.com porns.photos
fappinghd.com
egirlgirl.com
clipsex.online
thesexscene.com
javbest.co
fapbest.com
nude-hot.com
8 static.a-ads.com ad.a-ads.com
8 disqus.com mrhackerco.disqus.com
c.disquscdn.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
5 pagead2.googlesyndication.com mrhacker.co
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 io.narrative.io 2 redirects mrhacker.co
4 i.bngdyn.com bngdyn.com
4 fonts.gstatic.com fonts.googleapis.com
3 idsync.rlcdn.com 2 redirects live.rezync.com
3 live.rezync.com 2 redirects c.disquscdn.com
3 cm.g.doubleclick.net 3 redirects
3 i.jads.co poweredby.jads.co
3 links.services.disqus.com c.disquscdn.com
mrhacker.co
3 adsxyz.com mrhacker.co
adsxyz.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 p.rfihub.com 2 redirects
2 ib.adnxs.com 2 redirects
2 fcmatch.youtube.com c.disquscdn.com
live.rezync.com
2 fcmatch.google.com 2 redirects
2 ejp.rlcdn.com 2 redirects
2 iadoremakingpics.com gamesfromheaven.com
2 gamesfromheaven.com poweredby.jads.co
2 accounts.google.com apis.google.com
ssl.gstatic.com
2 cdn.viglink.com mrhacker.co
2 apis.google.com c.disquscdn.com
apis.google.com
2 connect.facebook.net c.disquscdn.com
connect.facebook.net
2 a.disquscdn.com mrhacker.co
c.disquscdn.com
2 www.google-analytics.com www.googletagmanager.com
mrhacker.co
2 mrhackerco.disqus.com mrhacker.co
mrhackerco.disqus.com
2 www.googletagmanager.com mrhacker.co
adsxyz.com
2 netdna.bootstrapcdn.com mrhacker.co
netdna.bootstrapcdn.com
2 fonts.googleapis.com mrhacker.co
1 www.google.com tpc.googlesyndication.com
1 suchenachmuschi.space gamesfromheaven.com
1 obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com 1 redirects
1 yourfreecounter.com gamesfromheaven.com
1 venetrigni.com 1 redirects
1 referrer.disqus.com mrhacker.co
1 glitter.services.disqus.com c.disquscdn.com
1 v.bngdyn.com bngdyn.com
1 nextgencounter.com gamesfromheaven.com
1 main.realsrv.com gamesfromheaven.com
1 main.exoclick.com gamesfromheaven.com
1 main.exdynsrv.com gamesfromheaven.com
1 ads.traffichunt.com gamesfromheaven.com
1 i.bimbolive.com bngdyn.com
1 ssl.gstatic.com accounts.google.com
1 bngdyn.com poweredby.jads.co
1 www.facebook.com c.disquscdn.com
1 cdn.syndication.twimg.com platform.twitter.com
1 syndication.twitter.com platform.twitter.com
mrhacker.co
1 tongdongkhue.com adsxyz.com
1 phancongkhanh.com adsxyz.com
1 null88.com adsxyz.com
1 xdultchannel.com adsxyz.com
1 sex4viet.com adsxyz.com
1 pornbebes.com adsxyz.com
1 jav1080.com adsxyz.com
1 thesexscene.com adsxyz.com
1 javbest.co adsxyz.com
1 fappinghd.com adsxyz.com
1 clipsex.online adsxyz.com
1 porns.photos adsxyz.com
1 nude-hot.com adsxyz.com
1 fapbest.com adsxyz.com
1 egirlgirl.com adsxyz.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 noticiasseguridad.com mrhacker.co
1 secure.gravatar.com mrhacker.co
230 78
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-16 -
2022-07-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
noticiasseguridad.com
Starfield Secure Certificate Authority - G2		 2021-09-05 -
2022-09-05		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
securitynewspaper.com
R3		 2021-09-02 -
2021-12-01		 3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA		 2020-12-02 -
2022-01-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
a.disquscdn.com
Amazon		 2020-11-30 -
2021-12-29		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
effectivedisplayformat.com
R3		 2021-07-21 -
2021-10-19		 3 months crt.sh
*.jads.co
Sectigo RSA Domain Validation Secure Server CA		 2020-11-27 -
2021-12-28		 a year crt.sh
*.disquscdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
ssl1029306.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-12 -
2022-06-30		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.services.disqus.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-26 -
2022-05-28		 a year crt.sh
bngdyn.com
GoGetSSL RSA DV CA		 2021-06-15 -
2022-06-15		 a year crt.sh
i.bngdyn.com
GoGetSSL RSA DV CA		 2021-06-15 -
2022-06-15		 a year crt.sh
i.bimbolive.com
Cloudflare Inc ECC CA-3		 2021-06-10 -
2022-06-09		 a year crt.sh
*.traffichunt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-20 -
2022-07-29		 a year crt.sh
exdynsrv.com
R3		 2021-08-05 -
2021-11-03		 3 months crt.sh
exoclick.com
R3		 2021-08-05 -
2021-11-03		 3 months crt.sh
realsrv.com
R3		 2021-08-05 -
2021-11-03		 3 months crt.sh
v.bngdyn.com
GoGetSSL RSA DV CA		 2021-06-15 -
2022-06-15		 a year crt.sh
venetrigni.com
Amazon		 2021-07-28 -
2022-08-26		 a year crt.sh
*.rezync.com
Amazon		 2021-01-26 -
2022-02-23		 a year crt.sh
*.narrative.io
Amazon		 2021-04-07 -
2022-05-06		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh

This page contains 61 frames:

Primary Page: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Frame ID: 65A70F1CCDF9951AA2ACF05355E88609
Requests: 82 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313465?size=728x90
Frame ID: 138269EA50599A89D8C561394CE1AE72
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313461?size=200x200
Frame ID: 41C5C4223C0AF18EC9272847492A8B4F
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313467?size=120x600
Frame ID: 0848984FAD3BE60E619FA6D8B9140953
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313467?size=120x600
Frame ID: 5E04C8F2CCDC8758A3DAAAD79B7980F6
Requests: 2 HTTP requests in this frame

Frame: https://adsxyz.com/sponsors/linkxyz/index.html
Frame ID: 63313874337EBFCB61D1623785BD09B6
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313466?size=990x90
Frame ID: A897EED296E267A2B12FAD009C278161
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313463?size=320x50
Frame ID: 0624716799B09DC86185334D35D39A89
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313465?size=728x90
Frame ID: 0FEDE914D8E71D9D8908F0321E6345AE
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313462?size=300x250
Frame ID: 4C5A4452AFFAF59F3CEDC0902D028065
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Frame ID: D80F6398299003C4BA33E55695CB95EC
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313467?size=120x600
Frame ID: 2F03E964C0E04B8116B1D0F75B3912B8
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fmrhacker.co
Frame ID: 71741C3437398E9012CB903B421AFB58
Requests: 2 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
Frame ID: 1798C6FC1C5EFE5240D73CA3BA881574
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7952463575870072&output=html&adk=1812271804&adf=3025194257&lmt=1631250536&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250535713&bpp=3&bdt=365&idt=280&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8401989024828&frm=20&pv=2&ga_vid=1968935331.1631250536&ga_sid=1631250536&ga_hid=449819189&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C44748552%2C31062297%2C31062093&oid=3&pvsid=848426734558470&pem=534&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=298
Frame ID: 868437AF240B1F0D73BF23967741E049
Requests: 1 HTTP requests in this frame

Frame: https://egirlgirl.com/banner/adsterra_300x250.html
Frame ID: 32CD4B29AAD9BD10ED37AA47FE84FB8F
Requests: 2 HTTP requests in this frame

Frame: https://fapbest.com/banner/adsterra_300x250.html
Frame ID: 56631A623424D1A4B80B211946AD640F
Requests: 2 HTTP requests in this frame

Frame: https://nude-hot.com/banner/adsterra_300x250.html
Frame ID: 6AB08C6DE5ECAFBC96D564CBF613C5A7
Requests: 2 HTTP requests in this frame

Frame: https://porns.photos/banner/adsterra_300x250.html
Frame ID: C85CB8FF89C177D4516BBBEA0DB88C74
Requests: 2 HTTP requests in this frame

Frame: https://clipsex.online/banner/adsterra_300x250.html
Frame ID: C0F7F1E3B1813188015D272082B78119
Requests: 2 HTTP requests in this frame

Frame: https://fappinghd.com/banner/adsterra_300x250.html
Frame ID: 9727A42A73FFC4C1556E15788450A821
Requests: 2 HTTP requests in this frame

Frame: https://javbest.co/banner/adsterra_300x250.html
Frame ID: 09670C7C02F6412CFE61FA77E6F07716
Requests: 2 HTTP requests in this frame

Frame: https://thesexscene.com/banner/adsterra_300x250.html
Frame ID: 91EFB1BA779D1DDBBB6F8850493C8BAF
Requests: 2 HTTP requests in this frame

Frame: https://jav1080.com/banner/juicyads_300x250.html
Frame ID: 12714DA2D6C5B19C048EE631E4D0CD16
Requests: 2 HTTP requests in this frame

Frame: https://pornbebes.com/banner/juicyads_300x250.html
Frame ID: E58A6AFF112B723D7C395D3C9C1C55AD
Requests: 2 HTTP requests in this frame

Frame: https://sex4viet.com/banner/juicyads_300x250.html
Frame ID: BEAAFFE03907CEA08B4B8A3715256193
Requests: 2 HTTP requests in this frame

Frame: https://xdultchannel.com/banner/juicy_300x250.html
Frame ID: 78EABE407CA1688120119F1F6237E607
Requests: 2 HTTP requests in this frame

Frame: https://mrhacker.co/banner/aads_300x250.html
Frame ID: 4B8697D17862DD799F08EA08755F022D
Requests: 1 HTTP requests in this frame

Frame: https://null88.com/banner/aads_300x250.html
Frame ID: AE93172CB348CA25345AD45899BADE3C
Requests: 1 HTTP requests in this frame

Frame: https://phancongkhanh.com/banner/aads_300x250.html
Frame ID: B1CD5942F5E41831E47A28C0EBD883DA
Requests: 1 HTTP requests in this frame

Frame: https://tongdongkhue.com/banner/aads_300x250.html
Frame ID: 149F13C1B36B6E3B93B4B72925DCEDED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=8044118461&adk=811018034&adf=1871615875&pi=t.ma~as.8044118461&w=691&fwrn=4&lmt=1631250536&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250535716&bpp=4&bdt=367&idt=317&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8401989024828&frm=20&pv=2&ga_vid=1968935331.1631250536&ga_sid=1631250536&ga_hid=449819189&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C44748552%2C31062297%2C31062093&oid=3&pvsid=848426734558470&pem=534&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=r7xazUzUtV&p=https%3A//mrhacker.co&dtd=339
Frame ID: 289AD40E368D49EB67E3F1BE2CA7241E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=5536279749&adk=689529487&adf=455737603&pi=t.ma~as.5536279749&w=691&fwrn=4&lmt=1631250536&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250535720&bpp=1&bdt=372&idt=345&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C691x173&nras=1&correlator=8401989024828&frm=20&pv=1&ga_vid=1968935331.1631250536&ga_sid=1631250536&ga_hid=449819189&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=2241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C44748552%2C31062297%2C31062093&oid=3&pvsid=848426734558470&pem=534&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2LKuD8oO7d&p=https%3A//mrhacker.co&dtd=349
Frame ID: C025775D019AF3A0A21595A0C90256DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=5536279749&adk=215508481&adf=3059167356&pi=t.ma~as.5536279749&w=691&fwrn=4&lmt=1631250536&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250535721&bpp=2&bdt=372&idt=367&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C691x173%2C691x173&nras=1&correlator=8401989024828&frm=20&pv=1&ga_vid=1968935331.1631250536&ga_sid=1631250536&ga_hid=449819189&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C44748552%2C31062297%2C31062093&oid=3&pvsid=848426734558470&pem=534&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ixitt2xcEt&p=https%3A//mrhacker.co&dtd=381
Frame ID: 381BD0763048769A66A2A461EA3B5AAA
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom
Frame ID: 95B2ECCA5BD8E03F2F2D9461A3A1184F
Requests: 14 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313462?size=300x250
Frame ID: 5589BB6EBBADCFC0FA26BFF898E174C3
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1331410?size=300x250
Frame ID: F9E3C90349EC493E1A4C19F488D2FC28
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1687823?size=300x250
Frame ID: 28383D137A905346681C799598FACB2A
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1687802?size=300x250
Frame ID: 56E04FE54B538EC26A17CD2E62814F69
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=c79381975d67bd706123e9cb72aec8899841f4c4&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Frame ID: 386A0588056FECF52722B9CD1386E01B
Requests: 12 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=929973
Frame ID: C49D46DECE82C494EA726F4A6601CC69
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=929973
Frame ID: 177C6EF27D24402DC0B5372CB25C3AC9
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=929956
Frame ID: 5E5FB156CBC3DC85E4FCE57BBC6E21DC
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=929956
Frame ID: 4AC3CC9ABD33DAA58D07F50BC034FBAF
Requests: 2 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=929979
Frame ID: C428AEF07B86C85609CB1CB700CF2C26
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=929979
Frame ID: CE91AAD28BE7A9F24F573381EE91CAF5
Requests: 2 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=929967
Frame ID: 6394D8F73361B14459C083ABE30DA178
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=929967
Frame ID: A320683B518E3A0C51F3F0E40BCA4E37
Requests: 2 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 9443F3B584A68C5E31A99139E0C2ABF3
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: BEDCACF282DDEB75DBF03247AFC23BEC
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 368A178A5022C20F7179F2A11D157F4E
Requests: 3 HTTP requests in this frame

Frame: https://bngdyn.com/promo.php?c=393610&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bchat%5D=1
Frame ID: C61754114C78346A725BE08114157BD5
Requests: 8 HTTP requests in this frame

Frame: https://gamesfromheaven.com/iframe/5f049e462d2c8?iframe&ag_custom_domain=268783
Frame ID: 40E9E8F8D8254EFD24AA3C02A35ED6E4
Requests: 8 HTTP requests in this frame

Frame: https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqLAFIC07QedRlWSc6VLvL-OXxACOOsaeuCCyabf7TpkFjS81mPsdI-99QzrzhxL2Ayq1_-OD0k8cjb9mOgS3s9FoWGBe2xaWa3VKs1WBdiIIci-jSTnr0I095BLDnOs0pkSX2E8xpbCF5Ng1juNrdG2YMQ2w
Frame ID: E8BB19C3D4D57FB63067DBF65EF10CD0
Requests: 1 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c13qqhh81vn9ssj&pctry=DE&referrer=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976
Frame ID: FFE6F9B7A583EACFF33B960A930476DF
Requests: 3 HTTP requests in this frame

Frame: https://gamesfromheaven.com/iframe/5f049e462d2c8?iframe&ag_custom_domain=268782
Frame ID: 3AB6A2221F99BC14E26F134A1A0B4327
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313463?size=320x50
Frame ID: F92FC5677D3B83276BDEBD6D95966073
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313465?size=728x90
Frame ID: 22A2CE9233B1985831D0B6D7D7CA4FD8
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1313462?size=300x250
Frame ID: 7A4E2CABA36FDD826CC27455B9685BC1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5DFB28D00CBEEAC21095F8E9BF626194
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D2D04DFE20EABAFB2592D3D4B8FE0932
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Lockbit ransomware hacks Accenture, encrypts 2,500 computers, steals 6 TB of data and demands $50 million USD ransom | MrHacker

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

230
Requests

98 %
HTTPS

0 %
IPv6

60
Domains

78
Subdomains

65
IPs

7
Countries

7560 kB
Transfer

10832 kB
Size

32
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 123
  • https://poweredby.jads.co/js/jads.js HTTP 301
  • https://poweredby.jads.co/js/jads2.js
Request Chain 124
  • https://poweredby.jads.co/js/jads.js HTTP 301
  • https://poweredby.jads.co/js/jads2.js
Request Chain 128
  • https://poweredby.jads.co/js/jads.js HTTP 301
  • https://poweredby.jads.co/js/jads2.js
Request Chain 139
  • https://poweredby.jads.co/js/jads.js HTTP 301
  • https://poweredby.jads.co/js/jads2.js
Request Chain 214
  • https://venetrigni.com/px.gif?akey=135245fd163282a65181f02743b60cc2 HTTP 307
  • https://yourfreecounter.com/dbs?uuid=cdde324e-8ddc-477a-b23e-eb859b6ed965&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsgIjE1MyI6MTYzMTI1MDUzOH0sImFjY2wiOnsgIjIwLDEiOjE2MzEyNTA1Mzh9fQ.eZZDImZfNUmAfr_gEqAuixNYF_lyrU2YmTDjwhpN11Q
Request Chain 215
  • https://ejp.rlcdn.com/501709.html HTTP 307
  • https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCOrQ64kGEgUI6AcQAEIASgA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM05YTUVaSVJnYUdDRW0yOEl3bkhfQm9mSnhJcDdUUG9nT0VtNk10NFlTOA==&google_cm&gdpr=1&gdpr_consent=CPLPDEMPLPDN_ADABCENBoCsAP_AAH_AAAAAGSIF5C5URCFD4GJsIJIUIAEXwFAAAGAgBgQBA4AACBCAEAwEkAAAEAAAIAAAAAAAIAIAAAAACAkAAAAAQIAAIQAAAAQAIAAAIAIACAAAEAAAAAgAAoAQEAAAAAAAAAAAgAAAAAYAQMkQLyFyoiEKGwMDQQCQoQAIigKAAAMBADAACBgAAECEAIBgJIAAAAAAAQAAAAAAAQAQAAAAAABIAAAAAgQAAQgAAAAgAQAAAQAQAEAAAIAAAABAABQAgAAAAAAAAAAABAAAAAAwAgAA.YAAAAAAAA4AA HTTP 302
  • https://fcmatch.google.com/pixel?google_gm=AMnCDoqLAFIC07QedRlWSc6VLvL-OXxACOOsaeuCCyabf7TpkFjS81mPsdI-99QzrzhxL2Ayq1_-OD0k8cjb9mOgS3s9FoWGBe2xaWa3VKs1WBdiIIci-jSTnr0I095BLDnOs0pkSX2E8xpbCF5Ng1juNrdG2YMQ2w HTTP 302
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqLAFIC07QedRlWSc6VLvL-OXxACOOsaeuCCyabf7TpkFjS81mPsdI-99QzrzhxL2Ayq1_-OD0k8cjb9mOgS3s9FoWGBe2xaWa3VKs1WBdiIIci-jSTnr0I095BLDnOs0pkSX2E8xpbCF5Ng1juNrdG2YMQ2w
Request Chain 217
  • https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=1&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D1%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac13qqhh81vn9ssj HTTP 302
  • https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c13qqhh81vn9ssj HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=344a5870-11f5-11ec-a833-0aa6849ebafd&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c13qqhh81vn9ssj
Request Chain 218
  • https://io.narrative.io/?companyId=19&id=disqus_id%3Ac13qqhh81vn9ssj&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=34452850-11f5-11ec-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac13qqhh81vn9ssj&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom
Request Chain 219
  • https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID HTTP 302
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=3855677395312443616 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=3d28bd07-47bd-4fd7-8c60-f4c910b7500f%3A1631250538.33&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc13qqhh81vn9ssj HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c13qqhh81vn9ssj HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKvgwWvqDwZsL_JTbrYdhgM&google_cver=1
Request Chain 220
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=3d28bd07-47bd-4fd7-8c60-f4c910b7500f%3A1631250538.33&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D HTTP 302
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871597498118008326 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c13qqhh81vn9ssj HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM05YTUVaSVJnYUdDRW0yOEl3bkhfQm9mSnhJcDdUUG9nT0VtNk10NFlTOA==&google_cm HTTP 302
  • https://fcmatch.google.com/pixel?google_gm=AMnCDoop-Osqe_5PPvoMRFYnA1mjG-yH-3zmOw4jXm6ICW3agxImjIG6vxq_z4pejSAuZ3KSwx--g9yZOGd41id-hGmkFJ24b78Taz6iMcjml7wfT_kwGI_YC-bMyP6eLsCHVyDckHfDBZKUMtqr3iWuusvNbPZyPw HTTP 302
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDoop-Osqe_5PPvoMRFYnA1mjG-yH-3zmOw4jXm6ICW3agxImjIG6vxq_z4pejSAuZ3KSwx--g9yZOGd41id-hGmkFJ24b78Taz6iMcjml7wfT_kwGI_YC-bMyP6eLsCHVyDckHfDBZKUMtqr3iWuusvNbPZyPw

230 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom
mrhacker.co/malware/ 		107 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9af9b17fec1a186ac65e5d549eceff91d096eee4d0cefe7e6ab9f14ce915357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
mrhacker.co
:scheme
https
:path
/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-cf-powered-by
WP Rocket 3.3
link
<https://mrhacker.co/wp-json/>; rel="https://api.w.org/" <https://mrhacker.co/?p=50640>; rel=shortlink
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZRNxWUxH8GC9bIOCKrUYj8V4MpSDDpGYSubZgWvTnOQ25usKDZV1yG9Jz0pKD1EH1xAjpEnSySzE3PrxZzzNVv6ixhB7dG2XYTxiiBbIfxNajc7AQxn2Bd2DBt2%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c6241fb9d840f9-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		137 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
cafe /
Resource Hash
cedfbfa784fad02997626a083882aa3a2765c5f5909fba298d9e08b01b375de3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49407
x-xss-protection
0
server
cafe
etag
15848656404417496526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Sep 2021 05:08:55 GMT
style.min.css
mrhacker.co/wp-includes/css/dist/block-library/ 		40 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
117965
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 17 Nov 2019 06:06:56 GMT
server
cloudflare
etag
W/"5dd0e380-a1fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJ2noNRyd%2BK9XQc%2FGcRQsCMd1bC9KOnzWUQQpG%2BhbA2v1uqRz5rT23zA%2Fj4O7nsjoBuyRy%2BssMiNqSq5GYoF7aYR5BW0gFjcxSdt%2FDyJhRgbTk2%2BZaq%2FE%2FjVgF83KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624261a8340f9-CDG
expires
Fri, 08 Oct 2021 20:22:49 GMT
style.css
mrhacker.co/wp-content/plugins/monarch/css/ 		113 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/monarch/css/style.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143

Request headers

:path
/wp-content/plugins/monarch/css/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204885
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 05 Sep 2019 11:01:00 GMT
server
cloudflare
etag
W/"5d70eaec-1c56d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BktxU8ab3nvNeNE9iMO8V5iFQKXrAa%2FhoziKLiI47VZrnbElUJ156Sr4z3CiKOJjfZolc1Qn8meGg%2BKbs%2BCRqiQVlzLfUg0yoY%2FFGzHETvgWs2JXYD31aimjBaqlKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624261a8440f9-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f10.1e100.net
Software
ESF /
Resource Hash
87e5e6d5eea4dd359d5653e1e448a52c6ea8405acf6c97fc44d50aa6ec48bfc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 03:37:36 GMT
server
ESF
date
Fri, 10 Sep 2021 05:08:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Sep 2021 05:08:55 GMT
reset.css
mrhacker.co/wp-content/themes/flex-mag/css/ 		1 KB
932 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/css/reset.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758

Request headers

:path
/wp-content/themes/flex-mag/css/reset.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
97173
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 26 Jul 2019 10:36:36 GMT
server
cloudflare
etag
W/"5d3ad7b4-434"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmnaAz0yDI%2BDUcLuTPU9y4M7ciTyRhPJY4SaFr7W%2BJzqnUcG6wbjQ2%2FoHwXOKwpAA1pCFD238Xq2x55ZRWjQIFCMPEv90rAPaKQSPDJIkAfBKY77qtklUr9OV8mbHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624261a8640f9-CDG
expires
Sat, 09 Oct 2021 02:09:22 GMT
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/ 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 718, 718
age
4846067
cdn-cachedat
2021-06-08 21:27:09
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
84efc932bb0090ba965988d551acdd8d
cf-ray
68c624265f9d3b79-CDG
cdn-requestcountrycode
FR
cdn-requestpullsuccess
True
style.css
mrhacker.co/wp-content/themes/flex-mag/ 		92 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/style.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51efcb98223b7a4f4e1553657b36fd2322014e2c60e3e015c8b8221f8622b31a

Request headers

:path
/wp-content/themes/flex-mag/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204885
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 10 Aug 2019 13:18:30 GMT
server
cloudflare
etag
W/"5d4ec426-170e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAdj6TxCIBpB%2FAL36s1fJqjij99Felz4eown6GnQQqlMwAXY%2BQuEOzkz9aU7zf71kKeMrcV27xdtrM9LlEmv8e4abjz2ro7YZIRRqjHQK9VkwZBAECghCqYTavFCnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624261a8740f9-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
css
fonts.googleapis.com/ 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7CLato%3A400%2C700%7CWork+Sans%3A900%7CMontserrat%3A400%2C700%7COpen+Sans%3A800%7CPlayfair+Display%3A400%2C700%2C900%7CQuicksand%7CRaleway%3A200%2C400%2C700%7CRoboto+Slab%3A400%2C700%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f10.1e100.net
Software
ESF /
Resource Hash
0b56ce20fe245aec9d7edace03deb7971d8be11bfbe723305347c1cd67622a3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 05:08:55 GMT
server
ESF
date
Fri, 10 Sep 2021 05:08:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Sep 2021 05:08:55 GMT
style-sports.css
mrhacker.co/wp-content/themes/flex-mag/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/css/style-sports.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db1b8da1dada254a423ac3fb0b3bf4b0dd8ffd3b6aad429bdc5aef431d3de557

Request headers

:path
/wp-content/themes/flex-mag/css/style-sports.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204884
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 18 Aug 2019 15:31:52 GMT
server
cloudflare
etag
W/"5d596f68-ed5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SNEKbekElgCuqHVE3GcyKjvml1DP33LLfkMAW5Zzr551x05xdyEP7lKZEV%2BDT3T51UipprjEUzOdMoYUpBbd0Pn0ttdDLXvhjw17qWWBxOkbwGScnpbLQa8z694wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624261a8940f9-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
media-queries.css
mrhacker.co/wp-content/themes/flex-mag/css/ 		91 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/css/media-queries.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f122aaa855dbb3f7cf5a05368fbdcc7ddd86b4a7a56f1514f1944bbde684111d

Request headers

:path
/wp-content/themes/flex-mag/css/media-queries.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
540433
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 26 Jul 2019 10:36:36 GMT
server
cloudflare
etag
W/"5d3ad7b4-16af9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1HPn1VDx23tMoohnvM8Y%2BBENTREzGMYGWHyh4D5PwVDhbiRj%2B65OahPLidS3iBo6guAqBBMbBM7L%2Fmt%2FV0DZWEA1o1iiNOPpHKVq1iUOW8hHAvXO1IeK4mIvnEdsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624261a8a40f9-CDG
expires
Sun, 03 Oct 2021 23:01:41 GMT
jquery.fancybox.min.css
mrhacker.co/wp-content/plugins/easy-fancybox/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/easy-fancybox/css/jquery.fancybox.min.css
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc

Request headers

:path
/wp-content/plugins/easy-fancybox/css/jquery.fancybox.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2253131
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 19 Sep 2019 16:12:18 GMT
server
cloudflare
etag
W/"5d83a8e2-fda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFPULkWujYu8heUu5sFi2oyIt7KK6V48F1AYDRNWa6JvDlzbsIpH5MrB%2BOQJjmZeYziqVWqXagTnPGJzKGWlfFJqGm0zq4ehOhYobSfv5CrgEx64I6HHRoyv686Luw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624261a8b40f9-CDG
expires
Tue, 14 Sep 2021 03:16:44 GMT
jquery.js
mrhacker.co/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204885
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 17 May 2019 10:08:54 GMT
server
cloudflare
etag
W/"5cde8836-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STTUwEW8mWmhakguAN1itReM91o23Ss9A05%2FwM%2FWGn6D%2BCtHiLNnYRxdNj996MNGcpF42vlz3QRYstc8A9RjYMTVmsSDstWhlmzc2nT2htDL4azVsWlVnS%2Bnttl81g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624261a8c40f9-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
jquery-migrate.min.js
mrhacker.co/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204884
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 19 May 2016 23:11:28 GMT
server
cloudflare
etag
W/"573e4820-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tIrzmkB%2BZfzMqkUJJhNe3WjQQKWgRk%2BsmXpoqAznk0jPu23Eo8GGz8opmRcZp8rEBKiSHNTHOcGnsynUPb2rtD2TefZl0ejZ05k1uOD17ZavbkmPD7fhKMWfFl3LxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624261a8d40f9-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
js
www.googletagmanager.com/gtag/ 		101 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-146590598-1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.232 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s19-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b4a93a49f6b768b5d56d664aa9ccbb4f7d88b875e530987d54ad4e4e730a73a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41240
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Sep 2021 05:08:55 GMT
logo-7.png
mrhacker.co/wp-content/uploads/2019/08/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mrhacker.co/wp-content/uploads/2019/08/logo-7.png
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f493c9cdcc3bd4b86124a98a6da5f57a04d38a46fc748116bb744064b001532b

Request headers

:path
/wp-content/uploads/2019/08/logo-7.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1226933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
60307
last-modified
Wed, 21 Aug 2019 17:52:56 GMT
server
cloudflare
etag
"5d5d84f8-eb93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmCvsDV0%2BYsEwbqSnsJceM4juct%2FCQ8632CqUAal%2BLK38nfhlDTjV0QHHHjmZ%2BZJOLSRxLFfxCUyNVfW2QSDdlE9XHlxmmNI4%2BtHf1HKuZozD1hBZRY%2B5KdLy3r8ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c624276ccc4037-CDG
expires
Sun, 26 Sep 2021 00:20:01 GMT
3ce722f11a748f0a8912ddbf696f7c6f
secure.gravatar.com/avatar/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/3ce722f11a748f0a8912ddbf696f7c6f?s=50&d=mm&r=g
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a7733d7cdf5627664c2672c9101d56d3c6e7f5351fe10353a25dea90eb3fd2ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 10 Sep 2021 05:08:55 GMT
last-modified
Sun, 26 May 2019 07:53:07 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="3ce722f11a748f0a8912ddbf696f7c6f.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/3ce722f11a748f0a8912ddbf696f7c6f?s=50&d=mm&r=g>; rel="canonical"
content-length
2298
expires
Fri, 10 Sep 2021 05:13:55 GMT
lockbitfeat.jpg
mrhacker.co/wp-content/uploads/2021/09/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mrhacker.co/wp-content/uploads/2021/09/lockbitfeat.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23784bc09df3bf670e055d89cac3953bec965fd2798e7ceea9bc0751f8c3f7c8

Request headers

:path
/wp-content/uploads/2021/09/lockbitfeat.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
112
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
42691
last-modified
Thu, 09 Sep 2021 14:00:02 GMT
server
cloudflare
etag
"613a1362-a6c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aosec%2BEuqLs%2BIYM5sD2KD4yYe0bxiAEtFea0fa%2BVvmr3YImixtzUVbB4UV97J6EzdgCbuO%2BronO7AMH%2FwvsfLrF3dJjoLWiTfw%2BxcNzPLGnK3wSyV0unhIOOEwSRhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c624276cd04037-CDG
expires
Sun, 10 Oct 2021 05:07:03 GMT
email-decode.min.js
mrhacker.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Sep 2021 12:26:08 GMT
server
cloudflare
etag
W/"61375a60-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNq0iTysdzev32QEJJQBnxcvvOQxAfTgnDlypIjKt6E1UAhXKG%2BVlbb9ces10UYap3R0kuCjhBppp%2FVLCqeXMcbUGDH8vMQ36AJULUjprvrj61Ek%2FLr%2FUue%2BRi2Tkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68c624274c834037-CDG
vary
Accept-Encoding
expires
Sun, 12 Sep 2021 05:08:55 GMT
accenture11082021.jpg
noticiasseguridad.com/nsnews_u/2021/08/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://noticiasseguridad.com/nsnews_u/2021/08/accenture11082021.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.55 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10055.sucuri.net
Software
nginx /
Resource Hash
f64f60433b4f5da1b4da833c5107f1706b4dc066e99c0e77be10c8347357c6bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 22:30:56 GMT
server
nginx
etag
"7c92-5c9502bfd10d0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
15005
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
31890
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674B) /
Resource Hash
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:34:57 GMT
Server
ECS (frb/674B)
Age
1036
Etag
"d405b816322f9770c70cbd10cfa87be4+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28872
IMG-20200124-WA0008-e1579911562178.jpg
www.securitynewspaper.com/snews-up/2020/01/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.securitynewspaper.com/snews-up/2020/01/IMG-20200124-WA0008-e1579911562178.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.249.236 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li259-236.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b4b322a1c204d7612c309926c7f9eb95d2c87a7ed5dcfa40ccb9ff633b476d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:55 GMT
Last-Modified
Sat, 25 Jan 2020 00:19:22 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"306e-59cebd37c586f;5cb8b05f75285"
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=100
Content-Length
12398
apple-scan-us-iphones-for-child-sexual-abuse-content.jpg
mrhacker.co/wp-content/uploads/2021/09/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mrhacker.co/wp-content/uploads/2021/09/apple-scan-us-iphones-for-child-sexual-abuse-content.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735390a173579c143e2936e08e55c4d274a0bd12a4417a76a5a46dc399c47b2c

Request headers

:path
/wp-content/uploads/2021/09/apple-scan-us-iphones-for-child-sexual-abuse-content.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
75415
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
48831
last-modified
Thu, 09 Sep 2021 07:58:52 GMT
server
cloudflare
etag
"6139bebc-bebf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUQ27l%2B8v011f3xAqor7gNhGVvlvI5eCPs6WaLMjjzPIdSpeSqbFXGdVD%2BVh2of4HAj30la3UMonZpia6VXFLP8v2WfMrPayioonu%2BpmnmUVcYBmAppcLHqrsobt9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c624276cd14037-CDG
expires
Sat, 09 Oct 2021 08:11:59 GMT
sap.jpg
mrhacker.co/wp-content/uploads/2021/09/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mrhacker.co/wp-content/uploads/2021/09/sap.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34be9c92d57ca29addff71fb9cd4e9b8dc985bb5efa65bb1d44741b78913d004

Request headers

:path
/wp-content/uploads/2021/09/sap.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10744
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26113
last-modified
Fri, 10 Sep 2021 01:59:04 GMT
server
cloudflare
etag
"613abbe8-6601"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQT3N5Nr%2FrYdAPecVb0InHxPgpF9H0%2FpGQ0UF8pAYEigT%2BgDjLQiQA%2BCmG2J6LyoQuaWMxa9tS2fl14rRYG1Ar133%2F%2Fs%2BNEm0%2FP0wU79keWwsEP0LJV%2BCDCC2sBgyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c624276cd44037-CDG
expires
Sun, 10 Oct 2021 02:09:51 GMT
microsoft-office-hack.jpg
mrhacker.co/wp-content/uploads/2021/09/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mrhacker.co/wp-content/uploads/2021/09/microsoft-office-hack.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b61df0fc2c152857b8b8a83ba6cd2090d8aadca63d178fcfc7c3348c517a5861

Request headers

:path
/wp-content/uploads/2021/09/microsoft-office-hack.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10744
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
48517
last-modified
Fri, 10 Sep 2021 01:59:05 GMT
server
cloudflare
etag
"613abbe9-bd85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWlJNfwuIX%2F7mf5oumzPdHhkNIMnGKtFClRSqWBwTZ9jUQlR1CLPlcVT%2B%2FATtYf0zZ2JouHMcNbk%2B26bYbGuzMAUfvMjxCxGQHwURyhKOGJg589ftxCadW%2FtQeNnow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c624276cd54037-CDG
expires
Sun, 10 Oct 2021 02:09:51 GMT
jenkin.jpg
mrhacker.co/wp-content/uploads/2021/09/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mrhacker.co/wp-content/uploads/2021/09/jenkin.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
305daef39f0eeb367fac9fed5f4ecdd67cc9fcce8b0b5e90484c4fffa6a5444e

Request headers

:path
/wp-content/uploads/2021/09/jenkin.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10744
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
62451
last-modified
Fri, 10 Sep 2021 01:58:58 GMT
server
cloudflare
etag
"613abbe2-f3f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdiKe5%2FzZqg1eqcjUhk9lunh0pZncCBFlnPH6xk5qeSj7ROwarSIHwK3CXGaOKwtGheSPEbPvaIx55vVaLry%2BVaEliwnhePxBCzj9f58e03a9CZYysfP3pVhLM4WHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c624276cd74037-CDG
expires
Sun, 10 Oct 2021 02:09:51 GMT
malwarecodefeat-1.jpg
mrhacker.co/wp-content/uploads/2021/09/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mrhacker.co/wp-content/uploads/2021/09/malwarecodefeat-1.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1520a035130dd251491a4d3a225f9df6b4614e5e734f207afba4ab643c2bc46f

Request headers

:path
/wp-content/uploads/2021/09/malwarecodefeat-1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35501
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26615
last-modified
Thu, 09 Sep 2021 14:01:15 GMT
server
cloudflare
etag
"613a13ab-67f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjZZ4vKv3C%2FowZV059YBWIpT9ATi110%2BgL3yc72xqoK7ux9Kg%2B%2BaL7OCS%2Flnuj1dPFjyMBWnP%2BzpTT2tnLdyMkTKykDKZQ4kP3svZowV6CVmWJHqzO9cefWF3aes3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c624276cd94037-CDG
expires
Sat, 09 Oct 2021 19:17:13 GMT
logo.png
mrhacker.co/wp-content/uploads/2019/08/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mrhacker.co/wp-content/uploads/2019/08/logo.png
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
090b57d2ba8067994e94dadb6fea5c934c4bd4c38f516c9e7fc29dd8387d5d88

Request headers

:path
/wp-content/uploads/2019/08/logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
371349
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11497
last-modified
Wed, 07 Aug 2019 10:33:00 GMT
server
cloudflare
etag
"5d4aa8dc-2ce9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXHOZQrUINg8tf2MlYSvIDBxWGFo%2BFTDjds0ANGqueXDsE8tkpf8WEPewLgMh0ZSzPIaEkyEap8E327f2GkxR1NhcKulSsdMrGo5C1DAIraqrQ4wlA6IQunQn3X40w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c624276cdb4037-CDG
expires
Tue, 05 Oct 2021 21:59:46 GMT
comment-reply.min.js
mrhacker.co/wp-includes/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-includes/js/comment-reply.min.js?ver=5.3.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068

Request headers

:path
/wp-includes/js/comment-reply.min.js?ver=5.3.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204885
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 17 Nov 2019 06:06:56 GMT
server
cloudflare
etag
W/"5dd0e380-951"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfbtZVn96sZGxJxb0yfUkTZrA3R%2FVhdjfO8DhsgHrKqj%2BdHkWEmhyCfvl%2FyjunWaIWRUIUe8K4KtNDb%2BU%2F6Uwan4ymn14t3mV8J990D7BTJ2Pt2%2FMgYt8wv0gXr5KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624276ca24037-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
ResizeSensor.js
mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.7.0
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f826a947a47c13c4af480b9b7853e9ca12d2873c67a9200f3c7a26f8cacae2d

Request headers

:path
/wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204885
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 30 Aug 2019 18:28:51 GMT
server
cloudflare
etag
W/"5d696ae3-1743"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOc8YzPb%2BaikDZk3lULdr2CtcjJZFtObAQzPwD8l36x%2FXchYAdiuIYfazCy%2B2igE8tbR6yU%2F70CxYbDgl9c6mEJjhUaQ%2F0vwkNBShTrsgJ6hZNauGE0%2BZP1x%2Bb9QEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624276cb14037-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
theia-sticky-sidebar.js
mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.7.0
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f4119ce2d66a40ef8beba62ec4d995e95af50550c6d4471eec9eb27fa73774

Request headers

:path
/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204885
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 30 Aug 2019 18:28:51 GMT
server
cloudflare
etag
W/"5d696ae3-3e36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNKMTTXKXX0crzIzR6Nnlei2m3%2Fs7s%2BXxqR0i1WbG3qR%2B12NCqJXjXSyA2TcSNsZTYBVn8Y6RR5WTXVFrNIP09bnCCIKZ1VVJ9%2FH5Cg1I0Wqwy%2BtOHaj9IkyOT4mow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624276cb64037-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
main.js
mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/ 		435 B
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.7.0
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa

Request headers

:path
/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204885
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 30 Aug 2019 18:28:51 GMT
server
cloudflare
etag
W/"5d696ae3-1b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7VsKoV%2BTFi4Jve%2F%2BihRZEczN%2FKIIKqSjr2hc94K9BBczzCfJyv%2FCvkitu2xq8%2FkMoRTxU6lfvS0Yre9vaHgeNz2X03H8iCwmi60CTbpdGUd%2BaniFREflpZhzyr0qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624276cb84037-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
idle-timer.min.js
mrhacker.co/wp-content/plugins/monarch/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/monarch/js/idle-timer.min.js?ver=1.4.12
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92c35f839d90ea55730d05ce3ea859cb598cd85eb20be3ed55621bb8baa3aa36

Request headers

:path
/wp-content/plugins/monarch/js/idle-timer.min.js?ver=1.4.12
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204885
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 05 Sep 2019 11:01:00 GMT
server
cloudflare
etag
W/"5d70eaec-9d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHQQo8zdsA9qLbpddOiydREZJxTJWd3PX3GAYZVFX4WhCDtlVS6kYEfy%2BDzCKsKfoW2xfxGKXHOgntyhrKIMmK1UhWq%2BoutHuH1A0KE647uaJv4bW06HSB89%2BF5%2BkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624276cbc4037-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
custom.js
mrhacker.co/wp-content/plugins/monarch/js/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/monarch/js/custom.js?ver=1.4.12
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a923c50c91e0fb7b1ff0b2806fa088087b441339c15fda5747dcde2eb4ae112

Request headers

:path
/wp-content/plugins/monarch/js/custom.js?ver=1.4.12
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204885
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 05 Sep 2019 11:01:00 GMT
server
cloudflare
etag
W/"5d70eaec-6703"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DG4b1kK1aFyOQxrMr200uDxFldWMYQMYtQrmQuyjLG2nX%2FGYKubqhUacnTDCVm%2BXBOOqkqNZnhcF4UuRda1YoJPPnNdr%2FM7CMoh3pYhYzbprJU2%2Fg6JKkQnBXRjf9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624276cbe4037-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
scripts.js
mrhacker.co/wp-content/themes/flex-mag/js/ 		142 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/js/scripts.js?ver=5.3.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbe803bfa44254eeac3ce0060cf7b364c1437c8230839511fa2c038632f2ab4e

Request headers

:path
/wp-content/themes/flex-mag/js/scripts.js?ver=5.3.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204885
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 26 Jul 2019 10:36:36 GMT
server
cloudflare
etag
W/"5d3ad7b4-237aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBVOO3MNc6Cy%2BG%2BBaJKqZ%2Bj9cOQPu3UDZVIa7gTALXKnMJGZ4%2BMU4SGYiv%2BM%2BSWpO4Ka1UoCUkKrw53XTUKBKZ8EBjC%2FGpdQbNm15r4yunhCAzPbg5%2Bt58Cig07Iyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624276cc04037-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
jquery.infinitescroll.min.js
mrhacker.co/wp-content/themes/flex-mag/js/ 		21 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/js/jquery.infinitescroll.min.js?ver=5.3.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d

Request headers

:path
/wp-content/themes/flex-mag/js/jquery.infinitescroll.min.js?ver=5.3.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
540433
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 26 Jul 2019 10:36:36 GMT
server
cloudflare
etag
W/"5d3ad7b4-54c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxWYQtqjU5X%2B6YnKwjaIrQ0vLEDT59D2dhAj5Tod2YcPoarF19rhlGra9WXBlvLQES3SjpXBWUWVrL5UIDpa89P8idtR5uqCDBEloybctduWAmxf4d0PSqY83IDAgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624276cc14037-CDG
expires
Sun, 03 Oct 2021 23:01:42 GMT
retina.js
mrhacker.co/wp-content/themes/flex-mag/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/themes/flex-mag/js/retina.js?ver=5.3.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba

Request headers

:path
/wp-content/themes/flex-mag/js/retina.js?ver=5.3.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204884
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 26 Jul 2019 10:36:36 GMT
server
cloudflare
etag
W/"5d3ad7b4-c20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYCVDRpRJih9%2FAr63ttGECcFIaY5XNotKaU3QBvWxqhgAiHYIzMHbLYBjXBvW16DFSyhzzgVQ877XSiB37FdIpWMefq7EuS3nReVc0OVnRiagoBAIJFw9CBQPf1e8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624276cc24037-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
jquery.fancybox.min.js
mrhacker.co/wp-content/plugins/easy-fancybox/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/easy-fancybox/js/jquery.fancybox.min.js?ver=1.3.24
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3

Request headers

:path
/wp-content/plugins/easy-fancybox/js/jquery.fancybox.min.js?ver=1.3.24
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204885
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 19 Sep 2019 16:12:18 GMT
server
cloudflare
etag
W/"5d83a8e2-4d4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuqUhNh0t2ClhvNLK3Eh9j%2FlYbgdOMzplDjvl8iZ9WOCK09xZ1HzTcFdFDsZJ41nX8WyE50gJBIyqMEJ5wO4uphjH6QTXkh2JFNe4kYhJ4LOBJokxGkFJWSoDMenCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624276cc44037-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
jquery.easing.min.js
mrhacker.co/wp-content/plugins/easy-fancybox/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d

Request headers

:path
/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
540433
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 19 Sep 2019 16:12:18 GMT
server
cloudflare
etag
W/"5d83a8e2-8fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tu5nKUKRZaVmPoqiZpxO90lthNGXIUwHOUfxY80mK9yOMu%2B0becEucxPaWeNxwx%2FuSf1QvqLc50SvcIGY58Klo1bDb%2FbHKufu7ILSIEY1%2B4X%2Bb5vr9xvQaomt%2Fo2Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624276cc64037-CDG
expires
Sun, 03 Oct 2021 23:01:42 GMT
jquery.mousewheel.min.js
mrhacker.co/wp-content/plugins/easy-fancybox/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64

Request headers

:path
/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
540433
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 19 Sep 2019 16:12:18 GMT
server
cloudflare
etag
W/"5d83a8e2-a31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oF0k8QJWUdrd9TE%2Bfgc4c1x7zN7hv%2BveMNAevKieptmYk5tfzrfIpiPnqqtFLas5s6TS91SKnF2X4OZVWKa6GaAX1gTHqesrnapLB3eDvUXbHbn182t2afcaAEqz2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624276cc74037-CDG
expires
Sun, 03 Oct 2021 23:01:42 GMT
common.js
mrhacker.co/wp-content/plugins/monarch/core/admin/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/monarch/core/admin/js/common.js?ver=3.20.2
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b

Request headers

:path
/wp-content/plugins/monarch/core/admin/js/common.js?ver=3.20.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
97173
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 05 Sep 2019 11:01:00 GMT
server
cloudflare
etag
W/"5d70eaec-550"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIQP2ONgt5kPl4jqWinQlVF87iSPmpb5Ra%2B9kPh0tNFCPba3syVQF14C4ma%2F%2B2aDIjmpc6CbQTYKMuP0fwNwlR50t7hAnLepwimdAgde6U64%2F2UR6eYz80UUyA2JOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624276cc94037-CDG
expires
Sat, 09 Oct 2021 02:09:22 GMT
script.min.js
mrhacker.co/wp-content/plugins/boxzilla/assets/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.18
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52415b65b808c23ba1578c46b4b397fdaa4f979c8ae04dc1bd2b9cd96d4230fb

Request headers

:path
/wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.18
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mrhacker.co
referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204885
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 03 Dec 2019 11:55:32 GMT
server
cloudflare
etag
W/"5de64d34-4677"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgn%2Fawqa3MCBMA5eCJ%2Fec8QHSTXpW1FhewrL16YcKBpPRhunuH%2Fr2Fo0wuXH9BZIXu6DeGpFIFQ3B6J5TYDOh6D0ip97af3pDrNht4G7kxGisYPJCAYxiFbqCrx3vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c624276cca4037-CDG
expires
Thu, 07 Oct 2021 20:14:10 GMT
embed.js
mrhackerco.disqus.com/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
ffe4bb4cb364bdafa7922232219191f095cf7ff16ad22b9b679c284632248165
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:55 GMT
Content-Encoding
gzip
Server
openresty
Age
112
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
24740
network.js
adsxyz.com/sponsors/network/ 		827 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsxyz.com/sponsors/network/network.js
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.198.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5b8a61b7114f9131b2c26131527d5ea955e8fc57c3989b92f7ab781473db139

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18664
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 24 Jan 2020 05:18:04 GMT
server
cloudflare
etag
W/"5e2a7e0c-33b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJVHTjTLfk9AQ0V0JHVOwsXhYVN4w4L%2FDg9WMvhOPqMWFqXX8veHbkhdaVlcoFbWHGD%2FclXL1p5UjgGbivGuhNCbMq%2BcjKnAYHtJCdEKslK0QrdPRir3AIofziLK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c62427be323a75-CDG
expires
Sat, 09 Oct 2021 23:57:51 GMT
1313465
ad.a-ads.com/ Frame 1382 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313465?size=728x90
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
52a8bee8ad55a81a540948453532cfe99bd335109c6098a801fef8590fe38d58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:08:55 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css
Origin
https://mrhacker.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617, 617
age
4566289
cdn-cachedat
2021-06-08 21:27:38
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77160
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
5b52e3eb3ff31b03a845b60e5ed78c65
accept-ranges
bytes
cf-ray
68c624279a58408d-CDG
cdn-requestcountrycode
FR
cdn-requestpullsuccess
True
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f3.1e100.net
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mrhacker.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 14:47:13 GMT
x-content-type-options
nosniff
age
570102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Sep 2022 14:47:13 GMT
mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7CLato%3A400%2C700%7CWork+Sans%3A900%7CMontserrat%3A400%2C700%7COpen+Sans%3A800%7CPlayfair+Display%3A400%2C700%2C900%7CQuicksand%7CRaleway%3A200%2C400%2C700%7CRoboto+Slab%3A400%2C700%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f3.1e100.net
Software
sffe /
Resource Hash
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mrhacker.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 04:46:26 GMT
x-content-type-options
nosniff
age
1349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15188
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:24:04 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Sep 2022 04:46:26 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f3.1e100.net
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mrhacker.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 19:30:20 GMT
x-content-type-options
nosniff
age
207515
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:34 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Sep 2022 19:30:20 GMT
1313461
ad.a-ads.com/ Frame 41C5 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313461?size=200x200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
65b339a1ec226f403a6d36d71fe4f07d053c2477ea3a4df18e2f00062487ffa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:08:55 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
malwarecodefeat.jpg
www.securitynewspaper.com/snews-up/2021/08/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.securitynewspaper.com/snews-up/2021/08/malwarecodefeat.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.249.236 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li259-236.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
1520a035130dd251491a4d3a225f9df6b4614e5e734f207afba4ab643c2bc46f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Last-Modified
Thu, 05 Aug 2021 16:54:40 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"67f7-5c8d2c6671cc7;5cb8b05f75285"
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=100
Content-Length
26615
hackingtech.jpg
www.securitynewspaper.com/snews-up/2021/08/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.securitynewspaper.com/snews-up/2021/08/hackingtech.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.249.236 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li259-236.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e33ab36f8dd445e60f43e39b3a4d37f0eeb91647d65a665e0e1cf15d5a76b91c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Last-Modified
Mon, 30 Aug 2021 23:00:39 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"7d83-5cacecd4384e4;5cb8b05f75285"
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=100
Content-Length
32131
phishingfeatured.jpg
www.securitynewspaper.com/snews-up/2021/08/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.securitynewspaper.com/snews-up/2021/08/phishingfeatured.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.249.236 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li259-236.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
65374b2938dd614dff5073c58272259c9d1b3f966f25ed74b5c619360d6b3b51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Last-Modified
Thu, 05 Aug 2021 15:27:14 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"bd34-5c8d18db108a5;5cb8b05f75285"
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=100
Content-Length
48436
telegrambot.jpg
www.securitynewspaper.com/snews-up/2021/04/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.securitynewspaper.com/snews-up/2021/04/telegrambot.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.249.236 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li259-236.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
781e8f9c4513bc8da98aa3ff8d846d03a0727bde47ee00002d2de1c1f70cf6e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Last-Modified
Thu, 22 Apr 2021 16:53:08 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"199d-5c092838e0871;5cb8b05f75285"
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=100
Content-Length
6557
whatsapptutorial.jpg
www.securitynewspaper.com/snews-up/2021/08/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.securitynewspaper.com/snews-up/2021/08/whatsapptutorial.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.249.236 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li259-236.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
c0031b846a33ee48076df78f553b3bf781730ab73b51b3df7861e43313d432af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Last-Modified
Tue, 03 Aug 2021 23:21:39 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"5d76-5c8aff2a43050;5cb8b05f75285"
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=100
Content-Length
23926
1313467
ad.a-ads.com/ Frame 0848 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313467?size=120x600
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:08:55 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
1313467
ad.a-ads.com/ Frame 5E04 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313467?size=120x600
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
79eb1ccf87901ad706bb4f22a63f4d746cb05bbf4851c94a3049e795026e5ae1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:08:55 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
index.html
adsxyz.com/sponsors/linkxyz/ Frame 6331 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adsxyz.com/sponsors/linkxyz/index.html
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.198.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffad8419f85c15cf2cc8ae98d79e4c1c395ec6491924ae92900d223131a50175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
adsxyz.com
:scheme
https
:path
/sponsors/linkxyz/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-type
text/html
last-modified
Thu, 26 Aug 2021 03:43:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=86400
cf-cache-status
HIT
age
68891
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03BBk0KetJZw3DkEhBqEn2IAwqOQ83W5kA1bNhZ2YQPFxOSHE%2BOnUSSZr6VW29VdCzq%2BLqJG9LdTtOWIMILl%2FoUCs%2B30pupcsTyRs5S5x6%2Flq%2BC%2F1bR%2BUSoPwGYg"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c62427de453a75-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1313466
ad.a-ads.com/ Frame A897 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313466?size=990x90
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
b542515c8f52eb2cc95d68394c22dd042c35378cff42b0ca5da6d8413da3cb82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:08:55 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
1313463
ad.a-ads.com/ Frame 0624 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313463?size=320x50
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
12f6bc9b28e5238dbfcf8d8b3027024e97e1c92888e387aa57808e282528256c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:08:55 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
1313465
ad.a-ads.com/ Frame 0FED 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313465?size=728x90
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
ce5e06b88f576dd0ddf5693390149a7264893d1bb9e5fd3285e8a64c3841794e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:08:55 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
1313462
ad.a-ads.com/ Frame 4C5A 		0
128 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313462?size=300x250
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:08:55 GMT
Content-Length
0
Connection
keep-alive
monarch.ttf
mrhacker.co/wp-content/plugins/monarch/css/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/wp-content/plugins/monarch/css/fonts/monarch.ttf
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/wp-content/plugins/monarch/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f

Request headers

:path
/wp-content/plugins/monarch/css/fonts/monarch.ttf
pragma
no-cache
origin
https://mrhacker.co
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
mrhacker.co
referer
https://mrhacker.co/wp-content/plugins/monarch/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mrhacker.co/wp-content/plugins/monarch/css/style.css
Origin
https://mrhacker.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2160829
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15096
last-modified
Thu, 05 Sep 2019 11:01:00 GMT
server
cloudflare
etag
"5d70eaec-3af8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTMS0rMVJHUNlrej1uBlKUzX%2BTuJTJyiKKv8IAdrVWVNetpjbMWE9z4ZGQhoCYebgu3p7zrpFnwi573c3GlJ5PtsWTJGMqgiSMawjbsz%2BUbjIoUQutHLWKJ%2Bhe7AQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
68c62427dd664037-CDG
expires
Wed, 15 Sep 2021 04:55:06 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7CLato%3A400%2C700%7CWork+Sans%3A900%7CMontserrat%3A400%2C700%7COpen+Sans%3A800%7CPlayfair+Display%3A400%2C700%2C900%7CQuicksand%7CRaleway%3A200%2C400%2C700%7CRoboto+Slab%3A400%2C700%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7COpen+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f3.1e100.net
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mrhacker.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 15:56:36 GMT
x-content-type-options
nosniff
age
220339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Sep 2022 15:56:36 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/ 		251 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
cafe /
Resource Hash
4b70365b09badf5fceb9effc21b9cca9d19e08b0045fc0ebcaf5765293b2518d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95420
x-xss-protection
0
server
cafe
etag
5659919450890713277
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 10 Sep 2021 05:08:55 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/ Frame D80F 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s21-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210831/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 09 Sep 2021 16:42:11 GMT
expires
Thu, 23 Sep 2021 16:42:11 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
44804
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
lounge.aa6d56595a43bd5e887186df12931c03.css
c.disquscdn.com/next/embed/styles/ 		0
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 22:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
716861
x-cache
Hit from cloudfront
content-length
26040
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 01 Sep 2021 21:40:36 GMT
server
nginx
etag
"612ff354-65b8"
content-type
text/css; charset=utf-8
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
expires
Thu, 01 Sep 2022 22:01:14 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
sjDV4SFDKGYf3quV9JVTTWy1HD1mm-ak8HtMs5RocQKP9bBx10NY8Q==
x-cache-hits
0
common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
c.disquscdn.com/next/embed/ 		0
93 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 20:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4525302
x-cache
Hit from cloudfront
content-length
94790
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 19 Jul 2021 19:39:06 GMT
server
nginx
etag
"60f5d4da-17246"
content-type
application/javascript; charset=utf-8
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
expires
Tue, 19 Jul 2022 20:07:13 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
zht17XuNJenBoThiuHXyq77YXcoEzfg28F_Bfff2vVqXvzxUdCg3mQ==
x-cache-hits
0
lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js
c.disquscdn.com/next/embed/ 		0
119 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 18:15:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
643979
x-cache
Hit from cloudfront
content-length
120689
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 02 Sep 2021 17:40:39 GMT
server
nginx
etag
"61310c97-1d771"
content-type
application/javascript; charset=utf-8
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
expires
Fri, 02 Sep 2022 18:15:56 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
z1eriqsQV02XOug2NUZj--PXC15ZaVrosmG0RcUwnhUD18tfPkfJAw==
x-cache-hits
0
config.js
disqus.com/next/ 		0
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:55 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
18
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
12046
X-XSS-Protection
1; mode=block
recommendations.js
mrhackerco.disqus.com/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mrhackerco.disqus.com/recommendations.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
9a0b62a92405861d9aaeb606df809f7d34bae0909a8119a832a1c016a53dd05c
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:55 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
20831
1313467
ad.a-ads.com/ Frame 2F03 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313467?size=120x600
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
34eef18721ad9fb3e5cd9a4b1cf747ae67779d00ba8dd543683abcab5612e097
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:08:55 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html
platform.twitter.com/widgets/ Frame 7174 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fmrhacker.co
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2254
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Sep 2021 05:08:55 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67F3)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
728x90
static.a-ads.com/a-ads-banners/117619/ Frame 1382 		122 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/117619/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1313465?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e4503a46dd63eb6398899345e1cf979d0aeb0dedfe051fc6cd213a69d67ddcc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:55 GMT
Last-Modified
Sun, 19 Apr 2020 16:08:09 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
S4Y68WSH3FBJR163
ETag
"8df22bfbf1b66e4d461cc595236e19c5"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
125388
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
0fATWmKYpJSZr5TJ6jtiSoqDotlI3uSs
x-amz-id-2
WXD1ZcaSayqgGuaN3E4VGqAxbkt7buAepXdijebK9jTK9YX8e/itS/75QDLmJes9MDRTkaFo1h4=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 1382 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
random4f.js
adsxyz.com/sponsors/linkxyz/ Frame 6331 		1 KB
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adsxyz.com/sponsors/linkxyz/random4f.js
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd819f8eba0b56e52c8583bf1db1b5bbeec52504bef12ef0b325013b68977901

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/sponsors/linkxyz/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68871
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 06 Jan 2012 14:11:54 GMT
server
cloudflare
etag
W/"4f07012a-568"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TmVX4dbzfclVJkSHS05Dkake3z800oQQSxhIOvQcGZ1fF%2FVHKsx8ULNJ0kRCnJiJR5OapcuAJPVMiZUL%2B1bJGGGXKU4hVcYDty8pXcG9SpEBxw7DFe%2By9a7wxwr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
68c62429baaea8bb-CDG
expires
Sat, 09 Oct 2021 10:01:04 GMT
js
www.googletagmanager.com/gtag/ Frame 6331 		121 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D87R5XW8W4
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.207.232 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s19-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b67e9019d75fc80b850ab52c79662b61c6bdfc9e867dc1c1d7977d942bc7387d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49289
x-xss-protection
0
expires
Fri, 10 Sep 2021 05:08:56 GMT
320x50
static.a-ads.com/a-ads-banners/117618/ Frame 0624 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/117618/320x50?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1313463?size=320x50
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0cab8671024e27265f5d37739d64ccfd8417d3a1326cd85e578a2ca7280ecf0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:55 GMT
Last-Modified
Sun, 19 Apr 2020 16:08:09 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
CCW8VQE1CAAM3M4E
ETag
"964435510a885dc83118d9345a439c3d"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
108594
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
w4CWsbKlEWz_x7_SpmcYfVfQEmXT2wOu
x-amz-id-2
5N+DFXWB/D6X0nIylr+mnhIqqvhIHKoT+vwXD+3VEP+ZA6RBVy/eL6v282W1Fjip+jpoYRPQjwY=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
728x90
static.a-ads.com/a-ads-banners/118231/ Frame 0FED 		683 KB
684 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/118231/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1313465?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
52768beb6e9a4d1619ced6e98c515f416b23632839c8092d615f06513dc6146c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:55 GMT
Last-Modified
Sun, 26 Apr 2020 07:21:07 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
BRJ7JAZF9J6X0S6Z
ETag
"241238ff9e1a7f85dbec8aa10f72f723"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
699692
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
t6FJBbIGBKpJobE5rxtWIqCTMlD50_5h
x-amz-id-2
pCs/j+/m15HM0dWGV0DxygupxIqKCdhrFjlJ+qFDK1UyhzVMe1oRsdsI5FPjOBqbXVZylM5DhN8=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146590598-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6519
date
Fri, 10 Sep 2021 03:20:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 05:20:17 GMT
truncated
/ Frame 41C5 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E04 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A897 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
/
disqus.com/embed/comments/ Frame 1798 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
460ae51398ed855ccda6738a02de06edc882e5d85f643d3d793fee9bda6e9781
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Connection
keep-alive
Content-Length
2916
Server
nginx
Content-Type
text/html; charset=utf-8
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified
Thu, 09 Sep 2021 14:10:26 GMT
ETag
W/"lounge:view:8765559764.82d5a9611fdfdbd6e31e3af5722a2241.2"
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy
no-referrer-when-downgrade
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Date
Fri, 10 Sep 2021 05:08:56 GMT
Age
0
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
cookie.js
partner.googleadservices.com/gampad/ 		201 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=mrhacker.co&callback=_gfp_s_&client=ca-pub-7952463575870072
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.211.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s13-in-f2.1e100.net
Software
cafe /
Resource Hash
cc47b311008446f1f495cce46ca9ae76aceac910b9c5bd0951fdf6695b4eaca0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=mrhacker.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 05:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mrhacker.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 05:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8684 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7952463575870072&output=html&adk=1812271804&adf=3025194257&lmt=1631250536&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250535713&bpp=3&bdt=365&idt=280&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8401989024828&frm=20&pv=2&ga_vid=1968935331.1631250536&ga_sid=1631250536&ga_hid=449819189&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C44748552%2C31062297%2C31062093&oid=3&pvsid=848426734558470&pem=534&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=298
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s21-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7952463575870072&output=html&adk=1812271804&adf=3025194257&lmt=1631250536&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250535713&bpp=3&bdt=365&idt=280&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8401989024828&frm=20&pv=2&ga_vid=1968935331.1631250536&ga_sid=1631250536&ga_hid=449819189&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C44748552%2C31062297%2C31062093&oid=3&pvsid=848426734558470&pem=534&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=298
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 10 Sep 2021 05:08:56 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 10-Sep-2021 05:23:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 10 Sep 2021 05:08:56 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f2.1e100.net
Software
sffe /
Resource Hash
e16ed299b472d3f09c1fecfb67a63c435bfabd6e582f5b4d6703cd7030fc6701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631100470313954"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27651
x-xss-protection
0
expires
Fri, 10 Sep 2021 05:08:56 GMT
adsterra_300x250.html
egirlgirl.com/banner/ Frame 32CD 		865 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://egirlgirl.com/banner/adsterra_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.57.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65b6121a4267cf53a8d9446dbc4c346131d0941463e2f3b1fef9e2d30515cfab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
egirlgirl.com
:scheme
https
:path
/banner/adsterra_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-type
text/html
last-modified
Sat, 21 Aug 2021 10:36:31 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1619502
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7M5KF%2FApPWDoD3BqDPPVWmJYOPO2oWHvIbKk%2FDXD65CV6jeKGJTgeAw7ByNKX6C%2Fs8pLsQp9a2SfGhcndqmgiNykhdriBdhRCDQCzOjOLleMy09t7vwSlwy2E4JtHMa"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6242aae3869b6-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsterra_300x250.html
fapbest.com/banner/ Frame 5663 		865 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fapbest.com/banner/adsterra_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.213.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
669e9517e16de747cabb78e5c73ef45830054a806170f37801841ed5b3b6689a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
fapbest.com
:scheme
https
:path
/banner/adsterra_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-type
text/html
last-modified
Sat, 21 Aug 2021 10:41:56 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1619433
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wg7YjkXXpocbWQ76WvqoaVQP%2FqkB4oWk3%2FJDvDxZ2g%2BEXHPJMpvIlSrjFFssSDIxtPAIVN8dr4TILX5Cy0LhKaZ0VCDuq%2FWulMLrYmRCsO5Rjq6D6aO4wcj2IkStpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6242bff8f59aa-IAD
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsterra_300x250.html
nude-hot.com/banner/ Frame 6AB0 		865 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nude-hot.com/banner/adsterra_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95ca28dd8b7551c6f06b09458b7b5561513904c23be68308603ca6b3bcdb5960
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
nude-hot.com
:scheme
https
:path
/banner/adsterra_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-type
text/html
last-modified
Sat, 21 Aug 2021 10:49:38 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1619915
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixkxEYZffbTQDne1%2BdScY817iu8qO%2Fh2aNdfkGKKulZ73wuiZF%2Fe4Te3tnRjW5r3db1ipkksFv%2BkQ5u3TFGWGneeevPjob0YWBs4sQqjFgMHH37A0Eu%2FKDWhyFafm9s%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6242bfa3959d4-IAD
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsterra_300x250.html
porns.photos/banner/ Frame C85C 		865 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://porns.photos/banner/adsterra_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.88.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
421f720278f84ac7e6429333b96f14f94756b1f0343f0236fac7307bac68b718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
porns.photos
:scheme
https
:path
/banner/adsterra_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-type
text/html
last-modified
Sat, 21 Aug 2021 10:57:03 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1619713
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnWThXwtMnR%2FxtTSxIPiwr0qfzl8JsF7c7KND4oTbTzbIBLgnarOR7pa9f%2FTn5SW7kjs1rc%2BgPl0262o5o1X2EcLghoNhVonaUgH0qFwEYkHkx%2FWe%2BnoSqhwBggetUE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6242a999a39b1-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsterra_300x250.html
clipsex.online/banner/ Frame C0F7 		867 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clipsex.online/banner/adsterra_300x250.html?
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd110802bfc94a315236b952fc20ee920c1cf886b9526ffad1ee4ff9057d2394
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
clipsex.online
:scheme
https
:path
/banner/adsterra_300x250.html?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-type
text/html
last-modified
Wed, 25 Aug 2021 09:45:12 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1364597
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPE%2Fglr%2FaNH7UHudS0%2FM3yy%2FZf9H%2BALzd1lT6x7rRMa5TPkanCIglENCcqvHG7wSuLedGoFO3tPJcurvzEF7KLFpudqH2e0rz8j0zUkq6IqgtdKWprl2s6%2BMscc10GN3pA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6242a9b8f0820-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsterra_300x250.html
fappinghd.com/banner/ Frame 9727 		867 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fappinghd.com/banner/adsterra_300x250.html?
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e71fa614171fdf7f3eee87e6198d233232fe2d73e7cc75cb30722c00000738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
fappinghd.com
:scheme
https
:path
/banner/adsterra_300x250.html?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-type
text/html
last-modified
Wed, 25 Aug 2021 09:49:40 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1364683
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFZkWCgKCAzL0TT1z33aIJi%2FjJtqJ81mVTZBkHDT6AjMD4luTN8k8pIj50T2oNNcJ76uGepp9Bh%2FXo1La%2Bt2hD24Nj%2FW%2FW%2FN6SvGT1R2SarfzS6Gexjd0oGg14O5FHS%2F"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6242a9f58cd9b-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsterra_300x250.html
javbest.co/banner/ Frame 0967 		867 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://javbest.co/banner/adsterra_300x250.html?
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
676311b41a8a21162d8187ce2b2ecb7c652888635cc52967a9aabff9ef583d2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
javbest.co
:scheme
https
:path
/banner/adsterra_300x250.html?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-type
text/html
last-modified
Wed, 25 Aug 2021 09:51:54 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1181119
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F82l9jTwszIDMPR97Myf1Fr41EO2Bsmr62jfI6P89EAcGYkQ9uSaHaQwRiWvFfXIUGccMIqdQQu0aPGwQQ6qC7K67V74Qk842lfYkmd04Yw%2B79l2B4gAJOhtDU5c"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6242aab663b25-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsterra_300x250.html
thesexscene.com/banner/ Frame 91EF 		867 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thesexscene.com/banner/adsterra_300x250.html?
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.69.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
227365258106f73bc8761237c88b38ffbca65361aa95b865709657406eae1459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
thesexscene.com
:scheme
https
:path
/banner/adsterra_300x250.html?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-type
text/html
last-modified
Wed, 25 Aug 2021 09:54:02 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
119009
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TO9OMtw6PFydhjFHvF05Toe5B07%2FEOSkViaifWw8gt3zRqta2oLNtGlohlbkFdgCkLxrBQKSRdqaPUPe2CD3g5OCOTmkrlzgnirxxrGleiy2L0KSNkw0Q8Rs4SZ%2BR84puBI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6242aaa683b85-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
juicyads_300x250.html
jav1080.com/banner/ Frame 1271 		744 B
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jav1080.com/banner/juicyads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb776e4e7499c2a01783aaeafd98641ea731c2d2da8ed9bb20cef55cd50b863b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
jav1080.com
:scheme
https
:path
/banner/juicyads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-type
text/html
last-modified
Fri, 25 Jun 2021 18:29:27 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1619362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgLWsdjcVxDUH3lCJnihhaXxKETuU9zbPTus1W0SSrMLxMCJzcfRYWnrCf4iLgRgiTGSh%2FSpBcUXeHSzGue4473Dr4Tw8q0%2Fk61drQJhEJkRLW9rIzNkG8nQwEzQ3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6242aaf17ee33-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
juicyads_300x250.html
pornbebes.com/banner/ Frame E58A 		744 B
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pornbebes.com/banner/juicyads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.137.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93e18f2f4e1a2af8839f0ee4900990890090742ac52482ea811f1fe41ef5556c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pornbebes.com
:scheme
https
:path
/banner/juicyads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-type
text/html
last-modified
Fri, 25 Jun 2021 18:43:21 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVJn6QDBBGPU8pUK40p1aWXL2KPOyU%2FiaCfhzYp%2BoK1T6MBJanZEvn2I4QLNmcJAKm3gCJopa19SMhzutDquS1u%2B0WOMUQjem73u634lG163aOUIJOMpoK8uNg5RqA3B"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c6242aad546570-LHR
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
juicyads_300x250.html
sex4viet.com/banner/ Frame BEAA 		661 B
968 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sex4viet.com/banner/juicyads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.213.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07aa1437b73b702e4fd27db55e676455653762882c782440309ba4534050928a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sex4viet.com
:scheme
https
:path
/banner/juicyads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-type
text/html
last-modified
Fri, 25 Jun 2021 18:14:21 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1535055
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SheFW3%2B7nFJeFsNGp%2B%2FCqVmj12Eq%2FzzkWn45Yh4ipmRXhqjk1Vvb%2FeKa8SwDbB4pTUXsIvsoD9PtmkCdMajvn62AEjzo5lk0OcsFXhAWybYy%2Bju%2BR9Yn3SEOEIPAiAM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6242bfad15716-IAD
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
juicy_300x250.html
xdultchannel.com/banner/ Frame 78EA 		742 B
1012 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xdultchannel.com/banner/juicy_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.130.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c60dfaf4d68247d23d28f56642945518dc7481ce4fba6b1f908857f497a4c614
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
xdultchannel.com
:scheme
https
:path
/banner/juicy_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-type
text/html
last-modified
Fri, 25 Jun 2021 17:05:02 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1790297
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djjUv3IvWenzKNFTcULbpEIMUtBSCuDjGFo2ZejhRBGp4%2B%2FYM4oHEnufzwGtB3qxCrOJLC1goBfk0nAU8MokSPUl%2FZf2zw2P%2BdiMX6XOqjhkBFxzL9%2B%2BbRz8ErG7kO2T3qUD"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6242aa9ca65b8-LHR
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
aads_300x250.html
mrhacker.co/banner/ Frame 4B86 		558 B
832 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mrhacker.co/banner/aads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45458c5cfa0ae1e6992b40d920661a7107510f24e5c96f4b2f160d9939d946d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
mrhacker.co
:scheme
https
:path
/banner/aads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-type
text/html
last-modified
Sun, 19 Jan 2020 08:10:22 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1619229
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2Fjlohlj5tIcxvtlEXJrKJFd0k8SR4mNnpwRBaMArCj63yCpp8BAqdSazNnO7fMExbm%2BkdSHQHPKyNd6ijz5AH92Zd3iutvF0FKxiwg%2FBBL5JK5J6PSvmarcw5CrYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6242a588c4037-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
aads_300x250.html
null88.com/banner/ Frame AE93 		558 B
932 B 		Document
General
Check archive.org
Download Go to
Full URL
https://null88.com/banner/aads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.147.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff3c131212b8c54e4fef81437dd815acba30e979a4e811a5a1174250e548bcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
null88.com
:scheme
https
:path
/banner/aads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-type
text/html
last-modified
Sat, 22 Feb 2020 06:34:19 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
max-age=2678400
cf-cache-status
HIT
age
1619212
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtf%2FxVktTJ5SzkE6RjMLIfQV4iVl5zo8NWmEe%2BRrAnzr1zkcxfM3Z8SUj78phSw5iTeCk%2FjA2icZ3Ym2pDbqVzwCQjKmnnSxvDsyXWEPRAFeaFOw%2BbGdWZcNJw1z"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68c6242aae19406f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
aads_300x250.html
phancongkhanh.com/banner/ Frame B1CD 		558 B
920 B 		Document
General
Check archive.org
Download Go to
Full URL
https://phancongkhanh.com/banner/aads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.17.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c953490be90a1e661e731eed1b5b5b07d20a3d23806cc81d641c383e99422c2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
phancongkhanh.com
:scheme
https
:path
/banner/aads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-type
text/html
last-modified
Wed, 30 Jun 2021 09:30:59 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iox1giRXfC%2BGgdvmw25aV%2FirX2GRUEwD%2BaRX%2BLE58uA0qXFnIzl9LQk1p%2FqeCy97co4cGKrM8Jyb3NAZB3Ezmh5dOjXHjmxdK36%2FJyLKQmypokDMrgioYD4Lo%2Be7tyV680wPHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c6242aad8a39f3-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
aads_300x250.html
tongdongkhue.com/banner/ Frame 149F 		558 B
910 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tongdongkhue.com/banner/aads_300x250.html
Requested by
Host: adsxyz.com
URL: https://adsxyz.com/sponsors/linkxyz/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e1b64507c8e03581b958717b74ea4f9df546187e1477ff33f2ad65dbdfcb16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tongdongkhue.com
:scheme
https
:path
/banner/aads_300x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsxyz.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adsxyz.com/

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-type
text/html
last-modified
Wed, 30 Jun 2021 09:14:18 GMT
strict-transport-security
max-age=31536000
x-frame-options
ALLOWALL
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3s96HPqZbv9Zyb0xHVF2OvD%2BJDQyIygdW2GKyW6NM%2FZQeSmJRwibNHPF1tsF0i2JO%2Fl7TEcxrw8CWyA0ihQFPP%2Bq8wQFwZ1yRxo1g3Sn6iorTjWdCSAa4XUB0aUGawRlbKgp"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c6242aabb1403d-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
truncated
/ Frame 2F03 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
ads
googleads.g.doubleclick.net/pagead/ Frame 289A 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=8044118461&adk=811018034&adf=1871615875&pi=t.ma~as.8044118461&w=691&fwrn=4&lmt=1631250536&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250535716&bpp=4&bdt=367&idt=317&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8401989024828&frm=20&pv=2&ga_vid=1968935331.1631250536&ga_sid=1631250536&ga_hid=449819189&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C44748552%2C31062297%2C31062093&oid=3&pvsid=848426734558470&pem=534&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=r7xazUzUtV&p=https%3A//mrhacker.co&dtd=339
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s21-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=8044118461&adk=811018034&adf=1871615875&pi=t.ma~as.8044118461&w=691&fwrn=4&lmt=1631250536&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250535716&bpp=4&bdt=367&idt=317&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8401989024828&frm=20&pv=2&ga_vid=1968935331.1631250536&ga_sid=1631250536&ga_hid=449819189&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C44748552%2C31062297%2C31062093&oid=3&pvsid=848426734558470&pem=534&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=r7xazUzUtV&p=https%3A//mrhacker.co&dtd=339
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 10 Sep 2021 05:08:56 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 10-Sep-2021 05:23:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame C025 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=5536279749&adk=689529487&adf=455737603&pi=t.ma~as.5536279749&w=691&fwrn=4&lmt=1631250536&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250535720&bpp=1&bdt=372&idt=345&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C691x173&nras=1&correlator=8401989024828&frm=20&pv=1&ga_vid=1968935331.1631250536&ga_sid=1631250536&ga_hid=449819189&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=2241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C44748552%2C31062297%2C31062093&oid=3&pvsid=848426734558470&pem=534&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2LKuD8oO7d&p=https%3A//mrhacker.co&dtd=349
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s21-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=5536279749&adk=689529487&adf=455737603&pi=t.ma~as.5536279749&w=691&fwrn=4&lmt=1631250536&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250535720&bpp=1&bdt=372&idt=345&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C691x173&nras=1&correlator=8401989024828&frm=20&pv=1&ga_vid=1968935331.1631250536&ga_sid=1631250536&ga_hid=449819189&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=2241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C44748552%2C31062297%2C31062093&oid=3&pvsid=848426734558470&pem=534&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2LKuD8oO7d&p=https%3A//mrhacker.co&dtd=349
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 10 Sep 2021 05:08:56 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 10-Sep-2021 05:23:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11121629
x-cache
Hit from cloudfront
content-length
3748
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-ea4"
content-type
text/css; charset=utf-8
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
expires
Wed, 04 May 2022 11:48:27 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
6pwYHMfhSCue106fytUUlaPOn0xOVfsm0oKTxaWd_Fmy3hsE90v8Yg==
x-cache-hits
0
common.bundle.72e35017d98ea7f210961b0d5c38444a.js
c.disquscdn.com/next/recommendations/ 		0
87 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 20:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4525313
x-cache
Hit from cloudfront
content-length
88853
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 19 Jul 2021 19:39:06 GMT
server
nginx
etag
"60f5d4da-15b15"
content-type
application/javascript; charset=utf-8
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
expires
Tue, 19 Jul 2022 20:07:03 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
f8A-YCRGFkmyGP1LtURyprswmWCPZrPI2Z-jr1UvHzpOoUvYm0HtBA==
x-cache-hits
0
recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js
c.disquscdn.com/next/recommendations/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 18:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
643981
x-cache
Hit from cloudfront
content-length
20099
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 02 Sep 2021 17:40:39 GMT
server
nginx
etag
"61310c97-4e83"
content-type
application/javascript; charset=utf-8
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
expires
Fri, 02 Sep 2022 18:15:55 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
EMLsI25jxho6DJlbtHl8-VxPsZBEeifoMhop_4Doj5qtztzaOCqswQ==
x-cache-hits
0
ads
googleads.g.doubleclick.net/pagead/ Frame 381B 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=5536279749&adk=215508481&adf=3059167356&pi=t.ma~as.5536279749&w=691&fwrn=4&lmt=1631250536&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250535721&bpp=2&bdt=372&idt=367&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C691x173%2C691x173&nras=1&correlator=8401989024828&frm=20&pv=1&ga_vid=1968935331.1631250536&ga_sid=1631250536&ga_hid=449819189&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C44748552%2C31062297%2C31062093&oid=3&pvsid=848426734558470&pem=534&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ixitt2xcEt&p=https%3A//mrhacker.co&dtd=381
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s21-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=5536279749&adk=215508481&adf=3059167356&pi=t.ma~as.5536279749&w=691&fwrn=4&lmt=1631250536&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250535721&bpp=2&bdt=372&idt=367&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C691x173%2C691x173&nras=1&correlator=8401989024828&frm=20&pv=1&ga_vid=1968935331.1631250536&ga_sid=1631250536&ga_hid=449819189&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C44748552%2C31062297%2C31062093&oid=3&pvsid=848426734558470&pem=534&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ixitt2xcEt&p=https%3A//mrhacker.co&dtd=381
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 10 Sep 2021 05:08:56 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 10-Sep-2021 05:23:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
settings
syndication.twitter.com/ Frame 7174 		232 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=c79381975d67bd706123e9cb72aec8899841f4c4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fmrhacker.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:55 GMT
content-encoding
gzip
last-modified
Fri, 10 Sep 2021 05:08:56 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
1e4cea90292fa130874cdc4654ae15ffe7652e5ac21985f35ac178f10522d433
content-length
166
/
disqus.com/recommendations/ Frame 95B2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/recommendations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
41faa68378a6c68e19722b376992653598878b6633da16992e9d66a4fb15ef3b
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Connection
keep-alive
Content-Length
2402
Server
nginx
Content-Type
text/html; charset=utf-8
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified
Mon, 13 Jul 2020 23:47:40 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Date
Fri, 10 Sep 2021 05:08:56 GMT
Age
112
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
1313462
ad.a-ads.com/ Frame 5589 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313462?size=300x250
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/banner/aads_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
4e8535a88d619b2912d96dbcc3d7cfc29b2fcee30cf338af808c41dfce0c0aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:08:56 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=449819189&t=pageview&_s=1&dl=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&ul=en-us&de=UTF-8&dt=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom%20%7C%20MrHacker&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUAB~&cid=1968935331.1631250536&tid=UA-146590598-1&_gid=2090274773.1631250536&gtm=2ou910&z=201778121
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 16:40:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
44904
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
lounge.load.9bdb65de27b881f62b84ef54f46d1575.js
c.disquscdn.com/next/embed/ Frame 1798 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.load.9bdb65de27b881f62b84ef54f46d1575.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
8dedd8362bb42b3e64a65b7bc88013fd669da19133f0f63e930f0c8c86681b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 18:15:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
643980
x-cache
Hit from cloudfront
content-length
533
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 02 Sep 2021 17:40:39 GMT
server
nginx
etag
"61310c97-215"
content-type
application/javascript; charset=utf-8
via
1.1 ad6867d63596a34d30f21ec3e1133a3d.cloudfront.net (CloudFront)
expires
Fri, 02 Sep 2022 18:15:56 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
FCAFqF_GnMXgKV3OgbwJ6xYfq3xBOt5vDQSzaC6pNSoGZgeAEp99dw==
x-cache-hits
0
invoke.js
www.effectivedisplayformat.com/aed0e75d8283c027969e406e45c6eca3/ Frame C85C 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplayformat.com/aed0e75d8283c027969e406e45c6eca3/invoke.js
Requested by
Host: porns.photos
URL: https://porns.photos/banner/adsterra_300x250.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://porns.photos/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 05:08:56 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
invoke.js
www.effectivedisplayformat.com/6cc0003302752de793ff29e3ffcd55ae/ Frame 9727 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplayformat.com/6cc0003302752de793ff29e3ffcd55ae/invoke.js
Requested by
Host: fappinghd.com
URL: https://fappinghd.com/banner/adsterra_300x250.html?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fappinghd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 05:08:56 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
invoke.js
www.effectivedisplayformat.com/bd767f2ee1885c1d7fb4ba5e5953d89d/ Frame 32CD 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplayformat.com/bd767f2ee1885c1d7fb4ba5e5953d89d/invoke.js
Requested by
Host: egirlgirl.com
URL: https://egirlgirl.com/banner/adsterra_300x250.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://egirlgirl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 05:08:56 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
invoke.js
www.effectivedisplayformat.com/5443e680fc84477d90d46ca506b1db43/ Frame C0F7 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplayformat.com/5443e680fc84477d90d46ca506b1db43/invoke.js
Requested by
Host: clipsex.online
URL: https://clipsex.online/banner/adsterra_300x250.html?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clipsex.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 05:08:56 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
invoke.js
www.effectivedisplayformat.com/e3f31de3ba73aad193bc6d6123925a0d/ Frame 91EF 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplayformat.com/e3f31de3ba73aad193bc6d6123925a0d/invoke.js
Requested by
Host: thesexscene.com
URL: https://thesexscene.com/banner/adsterra_300x250.html?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thesexscene.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 05:08:56 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
invoke.js
www.effectivedisplayformat.com/09b4c663c359aa4550e8776a006e591a/ Frame 0967 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplayformat.com/09b4c663c359aa4550e8776a006e591a/invoke.js
Requested by
Host: javbest.co
URL: https://javbest.co/banner/adsterra_300x250.html?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://javbest.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 05:08:56 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
1331410
ad.a-ads.com/ Frame F9E3 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1331410?size=300x250
Requested by
Host: null88.com
URL: https://null88.com/banner/aads_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
d3da3d9c5107d1f74c868fe1c412db3cfc9093693716a22756747a3c892cf5e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://null88.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://null88.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:08:56 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://null88.com/
Content-Encoding
gzip
jads2.js
poweredby.jads.co/js/ Frame 1271
Redirect Chain
  • https://poweredby.jads.co/js/jads.js
  • https://poweredby.jads.co/js/jads2.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/js/jads2.js
Requested by
Host: jav1080.com
URL: https://jav1080.com/banner/juicyads_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.245 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jav1080.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 19:10:29 GMT
Server
nginx
ETag
W/"5e0262a5-eae"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
close

Redirect headers

Location
jads2.js
Date
Fri, 10 Sep 2021 05:08:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
jads2.js
poweredby.jads.co/js/ Frame 78EA
Redirect Chain
  • https://poweredby.jads.co/js/jads.js
  • https://poweredby.jads.co/js/jads2.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/js/jads2.js
Requested by
Host: xdultchannel.com
URL: https://xdultchannel.com/banner/juicy_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.245 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xdultchannel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 19:10:29 GMT
Server
nginx
ETag
W/"5e0262a5-eae"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
close

Redirect headers

Location
jads2.js
Date
Fri, 10 Sep 2021 05:08:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
1687823
ad.a-ads.com/ Frame 2838 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1687823?size=300x250
Requested by
Host: phancongkhanh.com
URL: https://phancongkhanh.com/banner/aads_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
11358fd75b1d5fcbf8a97a510154f3580857fc9c0997827b59afb59224feec66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://phancongkhanh.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://phancongkhanh.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:08:56 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://phancongkhanh.com/
Content-Encoding
gzip
1687802
ad.a-ads.com/ Frame 56E0 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1687802?size=300x250
Requested by
Host: tongdongkhue.com
URL: https://tongdongkhue.com/banner/aads_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
7d4b3a4f9354edb633ee8ddd2d2ebd899c0bbd17c93740c802bc9e5bf19508a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tongdongkhue.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tongdongkhue.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:08:56 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://tongdongkhue.com/
Content-Encoding
gzip
recommendations.load.064141e2948b0e7f6218d4075662ea80.js
c.disquscdn.com/next/recommendations/ Frame 95B2 		923 B
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.load.064141e2948b0e7f6218d4075662ea80.js
Requested by
Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
cd132cc11b4c3feea41adf4d06a10f935dc9bf596dfa23d6f48ccb8fe2d44bb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 18:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
643981
x-cache
Hit from cloudfront
content-length
448
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 02 Sep 2021 17:40:39 GMT
server
nginx
etag
"61310c97-1c0"
content-type
application/javascript; charset=utf-8
via
1.1 ad6867d63596a34d30f21ec3e1133a3d.cloudfront.net (CloudFront)
expires
Fri, 02 Sep 2022 18:15:55 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
a-KStLBkvJ3a3ajcnQ6rtlaIfHSGnHMhn2VQw_rVj_HONplQZ8X8YA==
x-cache-hits
0
jads2.js
poweredby.jads.co/js/ Frame E58A
Redirect Chain
  • https://poweredby.jads.co/js/jads.js
  • https://poweredby.jads.co/js/jads2.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/js/jads2.js
Requested by
Host: pornbebes.com
URL: https://pornbebes.com/banner/juicyads_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.245 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pornbebes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 19:10:29 GMT
Server
nginx
ETag
W/"5e0262a5-eae"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
close

Redirect headers

Location
jads2.js
Date
Fri, 10 Sep 2021 05:08:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
300x250
static.a-ads.com/a-ads-banners/103763/ Frame 5589 		686 KB
687 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/103763/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1313462?size=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2191d31c59541b9c44346fde06c4e0ea2900c7ff88d084e8871ef13d2daa1326

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Last-Modified
Fri, 27 Dec 2019 12:20:30 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
KABEHRQ1R0MYNC07
ETag
"28dd56aa4c3448923f2e06f6f90e1017"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
702864
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
KIPQ8aj2AKbgfuqCDbQF8bZCjZrg7.Bd
x-amz-id-2
BUlWn2Qn8F+JEofbxpdJP1G4TJJsc2I0qe6uWV52n6CyEAYuPVsqKdWGLpv5LHq/mUmureAZzLA=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
horizon_tweet.0c307910a3b82b535f15af7aa5102a10.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_tweet.0c307910a3b82b535f15af7aa5102a10.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D3) /
Resource Hash
bfe1c96d2b61be1e17839f9e3d734ba10701c7be4a38faff1a63f4aedc3d31de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:33:39 GMT
Server
ECS (frb/67D3)
Age
23549
Etag
"4985a73adee036c4a8fe64d49af6033a+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2443
truncated
/ Frame 5589 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
c.disquscdn.com/next/embed/ Frame 1798 		282 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.9bdb65de27b881f62b84ef54f46d1575.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 20:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4525303
x-cache
Hit from cloudfront
content-length
94790
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 19 Jul 2021 19:39:06 GMT
server
nginx
etag
"60f5d4da-17246"
content-type
application/javascript; charset=utf-8
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
expires
Tue, 19 Jul 2022 20:07:13 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
eI8iW_-j4fXqMxl3T0nDtYLslh2XAnegSAmrb12OskrcGRfzGcZ9pA==
x-cache-hits
0
300x250
static.a-ads.com/a-ads-banners/118229/ Frame F9E3 		682 KB
683 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/118229/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1331410?size=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b81d1d6dc8129dde051254463257a664dfe1bb49b78f0f4cd37dafbb3f960f93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Last-Modified
Sun, 26 Apr 2020 07:21:07 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
F8EB9PKF3RCR5NJG
ETag
"ce8c5673a039ad9769d3265284d8f5f4"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
698412
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
UQkZBCfcjGWdsi6lCz_51AvW3yIHMTsf
x-amz-id-2
U3fzKDTiQsJAoh8SaIQ0Kv0GzSNQnUseZd4VFXlj4ukyOw4MgVpRsYzsJcqzXazTIfE+i1EC7tk=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
common.bundle.72e35017d98ea7f210961b0d5c38444a.js
c.disquscdn.com/next/recommendations/ Frame 95B2 		262 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.064141e2948b0e7f6218d4075662ea80.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
1a9b2621dcaa88ed6a5d03a96cf38e466a9c2928e5fae60b5b977a33f8b63460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 20:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4525313
x-cache
Hit from cloudfront
content-length
88853
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 19 Jul 2021 19:39:06 GMT
server
nginx
etag
"60f5d4da-15b15"
content-type
application/javascript; charset=utf-8
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
expires
Tue, 19 Jul 2022 20:07:03 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
k-HpYhz1LpRgf7mfLL5CIpwSxfU5rsIG8NXtL4oJDGjWNxUQAlgwkw==
x-cache-hits
0
truncated
/ Frame F9E3 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2838 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 56E0 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
Tweet.html
platform.twitter.com/embed/ Frame 386A 		487 B
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=c79381975d67bd706123e9cb72aec8899841f4c4&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
0683a1add44ec1b469bed17240e847c6b1bf0746e7ee287f9b9b33cb5adbf8fc

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1060
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Sep 2021 05:08:56 GMT
Etag
"672ea4f09b5a253b05329ee849064fc0"
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6723)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
jads2.js
poweredby.jads.co/js/ Frame BEAA
Redirect Chain
  • https://poweredby.jads.co/js/jads.js
  • https://poweredby.jads.co/js/jads2.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/js/jads2.js
Requested by
Host: sex4viet.com
URL: https://sex4viet.com/banner/juicyads_300x250.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.245 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sex4viet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 19:10:29 GMT
Server
nginx
ETag
W/"5e0262a5-eae"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
close

Redirect headers

Location
jads2.js
Date
Fri, 10 Sep 2021 05:08:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
invoke.js
www.effectivedisplayformat.com/ce837432d89888a9cd410c058aadeabf/ Frame 5663 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplayformat.com/ce837432d89888a9cd410c058aadeabf/invoke.js
Requested by
Host: fapbest.com
URL: https://fapbest.com/banner/adsterra_300x250.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fapbest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 05:08:56 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
invoke.js
www.effectivedisplayformat.com/08e05c122e61643b93987276460d346c/ Frame 6AB0 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.effectivedisplayformat.com/08e05c122e61643b93987276460d346c/invoke.js
Requested by
Host: nude-hot.com
URL: https://nude-hot.com/banner/adsterra_300x250.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nude-hot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 05:08:56 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
embed.runtime.ba5a9b2f1af2a07eb6ac.js
platform.twitter.com/embed/ Frame 386A 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.ba5a9b2f1af2a07eb6ac.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=c79381975d67bd706123e9cb72aec8899841f4c4&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
7f7e5b7357faea48e8742fb8535313bd5f478e1b9947bc15644ce183d56dc9d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=c79381975d67bd706123e9cb72aec8899841f4c4&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/67AA)
Age
23550
Etag
"444541c03ea1498c23a3f88dfe81edb3+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
3540
embed.modules.6d412ab277f295e6d2f6.js
platform.twitter.com/embed/ Frame 386A 		510 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.6d412ab277f295e6d2f6.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=c79381975d67bd706123e9cb72aec8899841f4c4&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E0) /
Resource Hash
11358d2115817389c001cc4e11e470ded0caa3999b0cc923c4c7c1459d36c345

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=c79381975d67bd706123e9cb72aec8899841f4c4&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/67E0)
Age
23549
Etag
"ff61fb364693cdc4ee1e60ce67e16202+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
164115
embed.i18n.fca6d1207a0eb09086fa.js
platform.twitter.com/embed/ Frame 386A 		146 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.fca6d1207a0eb09086fa.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=c79381975d67bd706123e9cb72aec8899841f4c4&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) /
Resource Hash
ae33dd22d81c7494fa59404d4dcb6e28dd2bc0346494efde5bbc630301d1592a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=c79381975d67bd706123e9cb72aec8899841f4c4&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/6712)
Age
23549
Etag
"c82976f830f64e89c4fc50e5b78cef64"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
146
embed.Tweet.2d315c2027f2593bc8ea.js
platform.twitter.com/embed/ Frame 386A 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.2d315c2027f2593bc8ea.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=c79381975d67bd706123e9cb72aec8899841f4c4&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6793) /
Resource Hash
e7fecca72827ce8c5a96210fa24127e276ddbd52856b9e07a1c51752e111691c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=c79381975d67bd706123e9cb72aec8899841f4c4&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/6793)
Age
23550
Etag
"d16f29f9a59af043ee0b10fd14f32674+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5636
lounge.aa6d56595a43bd5e887186df12931c03.css
c.disquscdn.com/next/embed/styles/ Frame 1798 		163 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.aa6d56595a43bd5e887186df12931c03.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
cf7ffb56cda8d58d7a7783e442a5729573c7e5d7098785c9a6cb382f2a772b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 22:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
716862
x-cache
Hit from cloudfront
content-length
26040
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 01 Sep 2021 21:40:36 GMT
server
nginx
etag
"612ff354-65b8"
content-type
text/css; charset=utf-8
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
expires
Thu, 01 Sep 2022 22:01:14 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
AWA12shhPHYTcb3e07QAVP8IWNkl9JR6adlvsqAAzdbP3dlzTlJgZA==
x-cache-hits
0
recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ Frame 95B2 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 04 May 2021 11:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11121629
x-cache
Hit from cloudfront
content-length
3748
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-ea4"
content-type
text/css; charset=utf-8
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
expires
Wed, 04 May 2022 11:48:27 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
J7iYo0CSNwBGb8jGnUIi2Ppq_0Tc772xH_T4D9j5nQ54lpoea4Y5Dg==
x-cache-hits
0
adshow.php
poweredby.jads.co/ Frame C49D 		0
0
Cookie set adshow.php
poweredby.jads.co/ Frame 177C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/adshow.php?adzone=929973
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.245 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
b6c2d3cc3702ab23f4506b462453061f9d60de48b5b60a8925f0adf963da1513

Request headers

Host
poweredby.jads.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://jav1080.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://jav1080.com/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 05:08:57 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=d1a46e19da642e192d2473e43ae2d55b; expires=Sat, 10-Sep-2022 05:08:56 GMT; Max-Age=31536000; path=/; domain=.juicyads.com juicy_data_1=YTowOnt9; expires=Mon, 13-Sep-2021 05:08:56 GMT; Max-Age=259199; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 13-Sep-2021 05:08:56 GMT; Max-Age=259199; domain=juicyads.com
Content-Encoding
gzip
adshow.php
poweredby.jads.co/ Frame 5E5F 		0
0
Cookie set adshow.php
poweredby.jads.co/ Frame 4AC3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/adshow.php?adzone=929956
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.245 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
1188fdbd16b9defbef3b6fc886dad69a800436bd8fe0b8cf4ca8bf4d5caae51b

Request headers

Host
poweredby.jads.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://xdultchannel.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://xdultchannel.com/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 05:08:57 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=d1a46e19da642e192d2473e43ae2d55b; expires=Sat, 10-Sep-2022 05:08:56 GMT; Max-Age=31536000; path=/; domain=.juicyads.com juicy_data_1=YTowOnt9; expires=Mon, 13-Sep-2021 05:08:56 GMT; Max-Age=259199; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 13-Sep-2021 05:08:56 GMT; Max-Age=259199; domain=juicyads.com
Content-Encoding
gzip
lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js
c.disquscdn.com/next/embed/ Frame 1798 		468 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
0a92d224a35aab3de7aa661df5c11272eea7f7fc8065230cf6b221a2e4961c31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 18:15:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
643980
x-cache
Hit from cloudfront
content-length
120689
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 02 Sep 2021 17:40:39 GMT
server
nginx
etag
"61310c97-1d771"
content-type
application/javascript; charset=utf-8
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
expires
Fri, 02 Sep 2022 18:15:56 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
SFVuwStHxgnq7LlyQNy34ZigtF2BOV0F-IytmNbXA2TXSatpYx6j6g==
x-cache-hits
0
config.js
disqus.com/next/ Frame 1798 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d42bb63e3b2715e5c23c160d1c93e069034c282c7650cf8b074b35251097fb95
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
19
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
12046
X-XSS-Protection
1; mode=block
recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js
c.disquscdn.com/next/recommendations/ Frame 95B2 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
f154ad0a779cdcbfe1cb4e5df7f12695b16ed0839247ae9622663c3859e20ec8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 18:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
643981
x-cache
Hit from cloudfront
content-length
20099
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 02 Sep 2021 17:40:39 GMT
server
nginx
etag
"61310c97-4e83"
content-type
application/javascript; charset=utf-8
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
expires
Fri, 02 Sep 2022 18:15:55 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
qsnFm_-n1Aj-MSXnPCyUAvCWBG3gtI5-GhFHQz6UP9TrbM1ie2IYPw==
x-cache-hits
0
config.js
disqus.com/next/ Frame 95B2 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d42bb63e3b2715e5c23c160d1c93e069034c282c7650cf8b074b35251097fb95
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
19
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
12046
X-XSS-Protection
1; mode=block
adshow.php
poweredby.jads.co/ Frame C428 		0
0
Cookie set adshow.php
poweredby.jads.co/ Frame CE91 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/adshow.php?adzone=929979
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.245 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
7c1126ba3c8459e96c3dadc0b6f01a31471704719b1a5385ed68f45b046202f4

Request headers

Host
poweredby.jads.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pornbebes.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pornbebes.com/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 05:08:57 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=d1a46e19da642e192d2473e43ae2d55b; expires=Sat, 10-Sep-2022 05:08:56 GMT; Max-Age=31536000; path=/; domain=.juicyads.com imps44428=1; expires=Sat, 11-Sep-2021 05:08:57 GMT; Max-Age=86400; path=/; domain=.juicyads.com juicy_data_1=YToxOntpOjEyMjAyMzg7aToxNjMxNTA5NzM2O30%3D; expires=Mon, 13-Sep-2021 05:08:56 GMT; Max-Age=259199; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 13-Sep-2021 05:08:56 GMT; Max-Age=259199; domain=juicyads.com
Content-Encoding
gzip
embed.vendors~ondemand.horizon-web.en-js.adcb3a520eb6eab2f5eb.js
platform.twitter.com/embed/ Frame 386A 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.adcb3a520eb6eab2f5eb.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ba5a9b2f1af2a07eb6ac.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
26d788a2a593ee53a9126a76e00b1085b83c238ac207d89666ab75f855231f14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=c79381975d67bd706123e9cb72aec8899841f4c4&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/668B)
Age
23548
Etag
"eded0105ab27a2d62811c8af369c2bc1+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
7955
embed.ondemand.i18n.en-js.e118516d2a7cf1b9f689.js
platform.twitter.com/embed/ Frame 386A 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.e118516d2a7cf1b9f689.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ba5a9b2f1af2a07eb6ac.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6731) /
Resource Hash
a0e15885d6d7e1694c5d7cdaff3ed800baabe7359ddf0e70f632b903ec624fb9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=c79381975d67bd706123e9cb72aec8899841f4c4&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/6731)
Age
23550
Etag
"ad3c3dffcde6bdbeb1bf440bf8999746+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2056
details
disqus.com/api/3.0/forums/ Frame 1798 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=mrhackerco&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
11f4e5be19e8e69a1ade5739ea0eb588f315ab34ca8a65bf3cd72b31121aa65e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
112
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
3349
X-XSS-Protection
1; mode=block
details
disqus.com/api/3.0/forums/ Frame 95B2 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=mrhackerco&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
11f4e5be19e8e69a1ade5739ea0eb588f315ab34ca8a65bf3cd72b31121aa65e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
112
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
3349
X-XSS-Protection
1; mode=block
adshow.php
poweredby.jads.co/ Frame 6394 		0
0
Cookie set adshow.php
poweredby.jads.co/ Frame A320 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/adshow.php?adzone=929967
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.245 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
9b9a4658a4912f98669a0f59f3421556b3246714cf9e6ff92dc3da6274502156

Request headers

Host
poweredby.jads.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sex4viet.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sex4viet.com/

Response headers

Server
nginx
Date
Fri, 10 Sep 2021 05:09:00 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=d1a46e19da642e192d2473e43ae2d55b; expires=Sat, 10-Sep-2022 05:08:56 GMT; Max-Age=31536000; path=/; domain=.juicyads.com juicy_data_1=YTowOnt9; expires=Mon, 13-Sep-2021 05:08:56 GMT; Max-Age=259196; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 13-Sep-2021 05:08:56 GMT; Max-Age=259196; domain=juicyads.com
Content-Encoding
gzip
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.9787d53ebbb5f72cb593.js
platform.twitter.com/embed/ Frame 386A 		144 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.9787d53ebbb5f72cb593.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ba5a9b2f1af2a07eb6ac.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BD) /
Resource Hash
e32c2b4173888243555c41b68a80f48a4aa18847d10a465c029db6042d52ea5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=c79381975d67bd706123e9cb72aec8899841f4c4&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/67BD)
Age
23549
Etag
"d401d40028fec960fd94ba14f0868eb0+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
40413
embed.vendors~ondemand.Tweet.fe975bb428059b89523c.js
platform.twitter.com/embed/ Frame 386A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.fe975bb428059b89523c.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ba5a9b2f1af2a07eb6ac.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
14ee10387bd3e877794228db2892115d6be65ed86de5da64dd94a66710418ac2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=c79381975d67bd706123e9cb72aec8899841f4c4&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/6752)
Age
23549
Etag
"8776fda3be73ccdc69260c57dbd38db1+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5873
embed.ondemand.Tweet.41972e180617ea45e07b.js
platform.twitter.com/embed/ Frame 386A 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.41972e180617ea45e07b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ba5a9b2f1af2a07eb6ac.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
553d3982d9f510a165f384512122570431df82d015502771e79b9823a805d94f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=MrHackerCo&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1425447533598453760&lang=en&origin=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&sessionId=c79381975d67bd706123e9cb72aec8899841f4c4&siteScreenName=MrHackerCo&theme=light&widgetsVersion=1890d59c%3A1627936082797&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 22:33:54 GMT
Server
ECS (frb/6762)
Age
23549
Etag
"7e637c60dcd7bc92b3bab2f83b13eddc+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
14991
noavatar92.png
a.disquscdn.com/1631056800/images/ Frame 1798 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.disquscdn.com/1631056800/images/noavatar92.png
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
age
120651
etag
"60395f01-66c"
strict-transport-security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
content-type
image/png
content-length
1644
x-amz-cf-id
ubKt7S8KHZN03wtHnkGCYvstiRZR3eESttQGFhbt-8eu18LRqmHs4w==
expires
Fri, 08 Oct 2021 19:38:05 GMT
truncated
/ Frame 1798 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
listRecommendations.json
disqus.com/api/3.0/discovery/ Frame 95B2 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=mrhackerco&thread=ident%3Amrhackerco-50640&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.72e35017d98ea7f210961b0d5c38444a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f2f7c7d3f411947762dedb0f0557a9eba5d8fbfdce49a3ed2b8794a9fcec544b
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://disqus.com/recommendations/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:56 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
112
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control
stale-while-revalidate=450, public, max-age=1800
Connection
keep-alive
Content-Type
application/json
Vary
Origin
Content-Length
6128
X-XSS-Protection
1; mode=block
alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
c.disquscdn.com/next/embed/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 03 May 2021 20:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11176047
x-cache
Hit from cloudfront
content-length
26578
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-67d2"
content-type
application/javascript; charset=utf-8
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
expires
Tue, 03 May 2022 20:41:29 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
x1t1UpGI41YiiUJpXPwWKL3eCh7DojUGuYxLew9aSCQc3UQMfnZeJg==
x-cache-hits
0
get
c.disquscdn.com/ Frame 95B2 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F10%2Fnordvpn-server-was-hacked.jpg&key=d49R8v6RMTrdU6oMr2_OJg&h=200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
fb81d4108d1a485047b260bd9736c2c8ef105b1f56ead03c7d7f2a8811b3a6bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 07:51:50 GMT
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1977426
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
3532
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBrkVK%2FI81Bh6kqrAYHiYiCK6cv64vnZiTWx1sWpC67MB5MNVxaXKg9%2F7gd58Qc7qj7SGmYQUllbOpNgC6QLvJoORniHBBGCUTacwrl%2FP0slGZ1vCIyaiy5B%2BUhZKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
LHR61-C1
accept-ranges
bytes
x-amz-cf-id
Qle3p3Nr4BGBdfSg5QhPLY5T_G0dIhcNPzRax7MqCrbovu_VPWanzA==
expires
Fri, 17 Sep 2021 07:51:50 GMT
get
c.disquscdn.com/ Frame 95B2 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F08%2Fremote-access-trojan.png&key=IidVFmgt_ZPrbq5XbCNarw&h=200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
6ea5ae441130287eb5d58aebb3425bd80c9836d3c51e5e04e293cae2188b1bae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:59:13 GMT
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1525549
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
32515
x-xss-protection
1; mode=block
x-served-by
static-web-2
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssYr0g%2BFD8CNWmlSExpCjllqWPqSx0IjodISwdjpck6xTzdE1krmn2Sem6hHuiWyf5sA5n%2FEsa9k%2FXFe6G1uKTBh1%2FAwlxE15o0V3H87ziqYFKY8tMNtw7UYFLcLXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
x-amz-cf-pop
LHR61-C1
accept-ranges
bytes
x-amz-cf-id
1o2wK0xHmIakWLNUUTLJ6mfpeWyyhC-GjYfMYmVTFRnOKHf86FlFbQ==
expires
Wed, 22 Sep 2021 13:59:13 GMT
get
c.disquscdn.com/ Frame 95B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2020%2F04%2Fhow-to-get-windows-10-2004-release-preview.jpg&key=VkcfeckCrYChI1IL-3gBzQ&h=200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
get
c.disquscdn.com/ Frame 95B2 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F08%2Fzameen-com-hacked.jpg&key=eE1u6TVhx6ZRYzTOq33RaQ&h=200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
d14249854f89bfc3d438d887833ac7ec8f86f7070a683454e325d3b54810ce11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 07:51:50 GMT
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2001963
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
20678
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuQwQSprIzHYrO7agIkDh784ZgcVBVqnrE1JzTJ2reD%2FZioPUGBX0LF5nPRsOYy6zdqyY0eQ1SUxC20ixDz72IidzkiJl1I3em%2FuCuB76j0zW%2BIwNlTqOJVyjQj58Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
LHR61-C1
accept-ranges
bytes
x-amz-cf-id
24lOoi5GKzB2lPGqBFNKaA1oqpx7ichb0EIgyCNjCHQAJUnz5ydefA==
expires
Fri, 17 Sep 2021 07:51:50 GMT
get
c.disquscdn.com/ Frame 95B2 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F10%2Fnginx-php-fpm-hacking-exploit.jpg&key=FmmPpxDtKf3-7Od2A_FxeQ&h=200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
a68091c3a89ef3d42bdf172776721fade92cbc1bf09821205f1a2370a3f7c3a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 07:51:50 GMT
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2004157
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
11150
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klWj6gx%2FnpeSvplluyPT5SZWZCAm364J07ixMRdKYczig49TK37%2BP%2FmUqcLUULY04fFmpbBJgOmnL2SDeegNuVpLmwK4SaFEx6nqlcnZMYrNgT2u1amWMhmuZm74hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
LHR61-C1
accept-ranges
bytes
x-amz-cf-id
I92hmmCv3WImEm4N3PChwKDAyck7nc7csN40YMEBx9UTIPUmlzR4jg==
expires
Fri, 17 Sep 2021 07:51:50 GMT
get
c.disquscdn.com/ Frame 95B2 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2019%2F08%2Fatm2bmalware.jpg&key=RW9S4XLIDRfebY7mlx4nnQ&h=200
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
189f9e055dd25823d14b06678036d41865d143d8ca4813fe97c08db4eb21e851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 16:05:19 GMT
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
392617
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits
0
content-length
10800
x-xss-protection
1; mode=block
x-served-by
static-web-1
server
nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BaQyLA7NrkUMScj8b9mGRgjN0PqC3LS981EmTdcODZXDaUETYl81LzX42FjT%2F5E7nBgbzZsVIf1dkiu52TWgERa0Tm3jNZPMo1Amn%2F8j%2F7e%2BA0vO9SF0hZjbKQb0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
LHR61-C1
accept-ranges
bytes
x-amz-cf-id
hbtKJLPZzGbJNylLbrqQmOEVExmZDnWYmmpnx4v_OEnrpS3G9gfYcQ==
expires
Tue, 05 Oct 2021 16:05:19 GMT
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 9443 		337 B
807 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 01:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
619455
x-cache
Hit from cloudfront
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 02 Sep 2021 17:40:39 GMT
server
nginx
etag
"61310c97-f4"
content-type
text/css; charset=utf-8
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
expires
Sat, 03 Sep 2022 01:04:41 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
w0pH2Xl1KBv_aF2aAksdmVCtwUYBgsWjzecwyr8ZzsjFU5l-NRrhwg==
x-cache-hits
0
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame BEDC 		337 B
806 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: mrhackerco.disqus.com
URL: https://mrhackerco.disqus.com/embed.js?ver=5.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-33.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 01:04:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
619455
x-cache
Hit from cloudfront
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 02 Sep 2021 17:40:39 GMT
server
nginx
etag
"61310c97-f4"
content-type
text/css; charset=utf-8
via
1.1 1e9d4474768cac13d02c7902d1cf85df.cloudfront.net (CloudFront)
expires
Sat, 03 Sep 2022 01:04:41 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
LHR61-C1
timing-allow-origin
*
x-amz-cf-id
3560y5hBsueDoR9NLZnedo189erdhlrNlJ-IkgbEOBXQUCPse31YnQ==
x-cache-hits
0
sdk.js
connect.facebook.net/en_US/ Frame 1798 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
f2bd3b8efd0335c133b5427ed54e08d10a89f13714e22916fe79219a1a1f3150
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
tvWunhLZLVT0EUlCvaQpLQ==
cross-origin-resource-policy
cross-origin
expires
Fri, 10 Sep 2021 05:09:14 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
+usAd+Mf1Balr5/X0pYZ0odE93oZyJvcjp8+0oaQDfmzXzhFn8Zt7KJpxS4hyYzO9ShaJVWJPZbfub7+GXPGGQ==
x-fb-trip-id
917726464
x-fb-content-md5
985ef27ae1fab76ba0331bf27a39167d
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 10 Sep 2021 05:08:56 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"57ae6dadeaa01690aad00f2ac39c4e81"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
api.js
apis.google.com/js/ Frame 1798 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f14.1e100.net
Software
ESF /
Resource Hash
71f6ddf045f219694a515f6a9cbd397947150d872f33c9f03b7629d6f8b45c6d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nmVuf+GP6i1Ne0Dx6ohL1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"6cf1a8085d365822968a50501ed9fdee"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-nmVuf+GP6i1Ne0Dx6ohL1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Fri, 10 Sep 2021 05:08:56 GMT
pixel.gif
cdn.viglink.com/images/ 		43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=7.263497063764676
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.164.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
age
12
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=15, must-revalidate
content-length
43
accept-ranges
bytes
cf-ray
68c6242f1e5e3ba9-CDG
x-amz-request-id
ABPMNVEYHHJWWRYR
x-amz-id-2
gVy92BlHpcljM9ysrcE33avtGk49cVh5MN8Hn3rDfdPxq8tnQU/mmBPb2pok/lOzzfgDqj2tA/c=
pixel.gif
cdn.viglink.com/images/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=7.263497063764676
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.164.13 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:56 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
age
12
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=15, must-revalidate
content-length
43
accept-ranges
bytes
cf-ray
68c6242f1e613ba9-CDG
x-amz-request-id
ABPMNVEYHHJWWRYR
x-amz-id-2
gVy92BlHpcljM9ysrcE33avtGk49cVh5MN8Hn3rDfdPxq8tnQU/mmBPb2pok/lOzzfgDqj2tA/c=
tweet
cdn.syndication.twimg.com/ Frame 386A 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1425447533598453760&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.6d412ab277f295e6d2f6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.70 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
383576f16a9b11bf23ca3df7a5357f7765a9842fb9f9a31bcaca3e2faf28b01c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src https://abs.twimg.com; script-src https://abs.twimg.com about:; style-src https://abs.twimg.com 'unsafe-inline'; font-src https://abs.twimg.com https://twitter.com; connect-src 'none'; object-src 'none'; media-src 'none'; frame-src 'none'; report-uri https://twitter.com/i/csp_report?a=ORTGK%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src 'none'; img-src https://abs.twimg.com; script-src https://abs.twimg.com about:; style-src https://abs.twimg.com 'unsafe-inline'; font-src https://abs.twimg.com https://twitter.com; connect-src 'none'; object-src 'none'; media-src 'none'; frame-src 'none'; report-uri https://twitter.com/i/csp_report?a=ORTGK%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"16-LGRtdrPlUULfESdbhaic1Iw99do"
x-powered-by
Express
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
content-length
1723
x-xss-protection
0
server
tsa_f
x-frame-options
SAMEORIGIN
date
Fri, 10 Sep 2021 05:08:56 GMT
vary
Origin, Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
text/html;charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=1
access-control-allow-credentials
true
x-connection-hash
b1974d96fd9f6bf99389eb3c5e6f986344836cb39cb49a9e28df5cd33eabe12f
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
sdk.js
connect.facebook.net/en_US/ Frame 1798 		222 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=b97e0a0805aa515fce81e6a709e88e5d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
66adfd9392bf49bf0157e17151474cb7c64ea79f69c4ddb49222a31e85ec316c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
3JVhW+7DDaBCn9MUz4wTwA==
cross-origin-resource-policy
cross-origin
expires
Sat, 10 Sep 2022 03:30:36 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
66826
x-fb-rlafr
0
x-fb-debug
ZiD2NHz+90QyHUXKxb0ZolWkp+Pqi+Nb7i9lfRPGRcRuhoFoFJv2gXP4h8jGwzHQMI0dYsmb2NCarY18/G1iBw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
a6914307fa901c4409508ec7bf1c7e72
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 10 Sep 2021 05:08:56 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"01942d9c551ea2dd55454c034987b441"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
status
www.facebook.com/x/oauth/ Frame 1798 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fmrhacker.co&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Dmrhackerco%26t_i%3Dmrhackerco-50640%26t_u%3Dhttps%253A%252F%252Fmrhacker.co%252Fmalware%252Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%26t_e%3DLockbit%2520ransomware%2520hacks%2520Accenture%252C%2520encrypts%25202%252C500%2520computers%252C%2520steals%25206%2520TB%2520of%2520data%2520and%2520demands%2520%252450%2520million%2520USD%2520ransom%26t_d%3DLockbit%2520ransomware%2520hacks%2520Accenture%252C%2520encrypts%25202%252C500%2520computers%252C%2520steals%25206%2520TB%2520of%2520data%2520and%2520demands%2520%252450%2520million%2520USD%2520ransom%26t_t%3DLockbit%2520ransomware%2520hacks%2520Accenture%252C%2520encrypts%25202%252C500%2520computers%252C%2520steals%25206%2520TB%2520of%2520data%2520and%2520demands%2520%252450%2520million%2520USD%2520ransom%26s_o%3Ddefault%23version%3D9bdb65de27b881f62b84ef54f46d1575&sdk=joey&wants_cookie_data=false
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;frame-src *.facebook.com *.fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
d3LNQQHEUriRRxTWgU1Tji0OMt2e6/FedIs2XmvXRgmnXhFthZqxgmru9dBYYIeXakbqA3rLE9tGRv+afY2XlA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 10 Sep 2021 05:08:56 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://disqus.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
jot
syndication.twitter.com/i/ Frame 386A 		0
0
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ Frame 1798 		103 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f14.1e100.net
Software
sffe /
Resource Hash
59611414404075b2acabb597d983e323859932efab7ef0cdd45cb25b5bc87c86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 08:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246594
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35070
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 18:17:31 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 08:39:03 GMT
iframe
accounts.google.com/o/oauth2/ Frame 368A 		513 B
920 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.109 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f13.1e100.net
Software
ESF /
Resource Hash
cbb4b54f81e10523ab2e3138026274e620e4012abca57c6ed139670cbcd910fd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hudsM5rAD2A2/o4stdY55g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
accept-encoding
gzip, deflate, br
cookie
NID=223=GODKXjbpjGTtiM41LVIhx5V09KH8WulxjcgrY44gQxCDmxJVAyB0dTPEkGHvNIAnx2M3tLZrJrTYd7JLWckbhMVRd2lX4FLjxhjGOisiiUS_XcKTbY6_XtOw1V4A1lONnXj2_HyvXUOsLU810TMqqAwPPzdTveYP7qXoIwgtIEA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 10 Sep 2021 05:08:57 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-hudsM5rAD2A2/o4stdY55g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ping
links.services.disqus.com/api/ 		316 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/ping
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
7dc4b00a447f3c4957f8736c6dbdf57ac5354034a68ca765c96e95f9f3a1f97f

Request headers

Referer
https://mrhacker.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 05:08:57 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://mrhacker.co
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
316
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.gif
links.services.disqus.com/api/ 		43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 05:08:57 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif;charset=UTF-8
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
links.services.disqus.com/api/ 		76 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
1073028375c8b5a26f7ee83338cacaffd4ee613c995b18881fcf659ee5d6ed72

Request headers

Referer
https://mrhacker.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 05:08:57 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://mrhacker.co
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
76
Expires
Thu, 01 Jan 1970 00:00:00 GMT
44426-1631220048-0830822001631220048.gif
i.jads.co/network/user3107/ Frame CE91 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jads.co/network/user3107/44426-1631220048-0830822001631220048.gif
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=929979
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d442a258b5c4a8b1cdb3a8e5a7c15af9b42de3c74e33e65613a56a99a7ab057a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:57 GMT
last-modified
Thu, 09 Sep 2021 20:40:48 GMT
etag
"1631220048"
x-hw
1631250537.dop123.am5.t,1631250537.cds294.am5.hn,1631250537.cds267.am5.c
content-type
image/gif
cache-control
max-age=31533264
accept-ranges
bytes
content-length
37110
1x1.gif
i.jads.co/ Frame 4AC3 		43 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jads.co/1x1.gif
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=929956
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:57 GMT
last-modified
Thu, 03 Mar 2016 18:47:18 GMT
etag
"1457030838"
x-hw
1631250537.dop123.am5.t,1631250537.cds294.am5.hn,1631250537.cds151.am5.c
content-type
image/gif
cache-control
max-age=24438728
accept-ranges
bytes
content-length
43
promo.php
bngdyn.com/ Frame C617 		151 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bngdyn.com/promo.php?c=393610&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bchat%5D=1
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=929956
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.75.253.85 , Netherlands, ASN48684 (VIKINGHOST, NL),
Reverse DNS
Software
nginx /
Resource Hash
32f8437db532ec8fb7949817d8d92680900c2895ff942e227b4bf8cfa512bce9
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

:method
GET
:authority
bngdyn.com
:scheme
https
:path
/promo.php?c=393610&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bchat%5D=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://poweredby.jads.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://poweredby.jads.co/

Response headers

server
nginx
date
Fri, 10 Sep 2021 05:08:59 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
expires
Fri, 10 Sep 2021 05:08:58 GMT
cache-control
no-cache public
x-bcs
ded7384
strict-transport-security
max-age=0;
content-encoding
gzip
x-bc-bl
105
5f049e462d2c8
gamesfromheaven.com/iframe/ Frame 40E9 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gamesfromheaven.com/iframe/5f049e462d2c8?iframe&ag_custom_domain=268783
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=929973
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.188.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
559149eca12826b13e46d3b01956720158b017d1f8e1258a722a2a74be579bfb

Request headers

:method
GET
:authority
gamesfromheaven.com
:scheme
https
:path
/iframe/5f049e462d2c8?iframe&ag_custom_domain=268783
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://poweredby.jads.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://poweredby.jads.co/

Response headers

date
Fri, 10 Sep 2021 05:08:57 GMT
content-type
text/html
set-cookie
showed_14519_97035=[2475523]; Expires=Sat, 11-Sep-21 05:08:57 GMT; Domain=gamesfromheaven.com; Path=/; Secure; SameSite=None c_e2ca205b02c8b9dcecd4d5fd536033be=1; Expires=Sat, 11-Sep-21 05:08:57 GMT; Domain=gamesfromheaven.com; Path=/; Secure; SameSite=None z_1a221501de604814d3e9c4ce8ddfb42c=1; Expires=Sat, 11-Sep-21 05:08:57 GMT; Domain=gamesfromheaven.com; Path=/; Secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UbFP2lzFDiLr2wdASQgO9mxS5rBScZ4SFW%2Bfzk4xf%2F8VCFLQAZuax7Xu1jgLWdcZaWMJ%2FSym%2BtfKTwt7XCWg7Nx1LqH4wHWSUrD19p1Xlw%2BBiGu2rOm8PBgf4onczoyqqj1VKin"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c624345f680756-LHR
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1012384269-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame 368A 		116 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/1012384269-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s03-in-f3.1e100.net
Software
sffe /
Resource Hash
f9a2ec5686fc3117ac1e9f72901822e7923dee2adc4f02157b6f05a20b2a596c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 18:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40580
x-xss-protection
0
last-modified
Thu, 02 Sep 2021 16:34:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 18:02:38 GMT
jquery.tools.min.js
i.bngdyn.com/dynamic_banner/ Frame C617 		135 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.bngdyn.com/dynamic_banner/jquery.tools.min.js
Requested by
Host: bngdyn.com
URL: https://bngdyn.com/promo.php?c=393610&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bchat%5D=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.38 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bngdyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:57 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
x-cdn-diag
fra1-11058-4-39493-h-0-0---;11001-6-42465----0-0-1
expires
Sat, 14 Nov 2020 07:18:40 GMT
logo2_default.png
i.bngdyn.com/dynamic_banner/images/ Frame C617 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bngdyn.com/dynamic_banner/images/logo2_default.png
Requested by
Host: bngdyn.com
URL: https://bngdyn.com/promo.php?c=393610&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bchat%5D=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.38 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
ea5bb79665ee9cab463d102ec757ae3028aab2c32267326aeb6c1a8aa978cc4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bngdyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:57 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
fra1-11059-1-9965-h-0-0---;11001-6-42465----0-0-0
accept-ranges
bytes
content-length
3813
expires
Wed, 27 Jan 2021 08:42:04 GMT
8f2166cd4a8913773338791309b20e84_thumb_medium.jpg
i.bimbolive.com/06a/15b/343/ Frame C617 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bimbolive.com/06a/15b/343/8f2166cd4a8913773338791309b20e84_thumb_medium.jpg
Requested by
Host: bngdyn.com
URL: https://bngdyn.com/promo.php?c=393610&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bchat%5D=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-conversasro.com
Software
cloudflare /
Resource Hash
cab3b4e75061cdaa9d44dab3127b8b80cfbfa9036146b8cd2f588435b29f89bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bngdyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-bc-o
1
date
Fri, 10 Sep 2021 05:08:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
574416
x-o1-p6
HIT
vary
Accept-Encoding
content-length
9995
last-modified
Sun, 11 Jul 2021 14:43:48 GMT
server
cloudflare
etag
"60eb03a4-270b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
*
expires
Sun, 03 Oct 2021 13:35:13 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68c624358c97e638-LHR
cf-bgj
h2pri
english.png
i.bngdyn.com/dynamic_banner/images/lang/ Frame C617 		542 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bngdyn.com/dynamic_banner/images/lang/english.png
Requested by
Host: bngdyn.com
URL: https://bngdyn.com/promo.php?c=393610&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bchat%5D=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.38 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bngdyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:57 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
fra1-11023-7-33008-h-0-0---;11001-6-42465----0-1-0
accept-ranges
bytes
content-length
542
expires
Sat, 14 Nov 2020 07:18:41 GMT
border_insta.svg
i.bngdyn.com/dynamic_banner/images/ Frame C617 		438 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bngdyn.com/dynamic_banner/images/border_insta.svg
Requested by
Host: bngdyn.com
URL: https://bngdyn.com/promo.php?c=393610&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bchat%5D=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.38 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
068db852edee183ad9ce57a9083bde719def67ee45a212820ce8b1647f215d82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bngdyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:57 GMT
last-modified
Mon, 16 Nov 2020 06:19:27 GMT
vary
Accept-Encoding
x-bcs-o
1
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
x-cdn-diag
fra1-11038-4-42297-h-0-0---;11001-6-42465----0-1-0
accept-ranges
bytes
x-cache-1
1
content-length
438
expires
Tue, 17 Nov 2020 06:21:09 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 368A 		14 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1012384269-idpiframe.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.109 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f13.1e100.net
Software
ESF /
Resource Hash
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Fri, 10 Sep 2021 06:08:58 GMT
30bdf7cae51bb44441d26281e0dcb279.png
iadoremakingpics.com/bnr/4/30b/df7cae/ Frame 40E9 		131 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iadoremakingpics.com/bnr/4/30b/df7cae/30bdf7cae51bb44441d26281e0dcb279.png
Requested by
Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5f049e462d2c8?iframe&ag_custom_domain=268783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.65.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56d004e162b49ddf2cf14350bf7ceaaac4fc2c6e25821a7803ff14760d3238ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamesfromheaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:58 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 02 Jun 2020 14:42:02 GMT
server
cloudflare
etag
"5ed6653a-20c55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aj83w7d5KEDT2wbl9eGxLgXyqv5u6iczG86rwL5696H2SwuNFuVv91rojukrrkY7jqKn2xdgk2qnWexZ%2FC%2FqNUcsrtpeGtYk5p4sSydGisrYwJWsOMZuWSIpvSbwmBzH0ErCNP0nvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
68c6243608bbb78d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
134229
expires
Sat, 11 Sep 2021 05:08:57 GMT
/
ads.traffichunt.com/adv_ret/ Frame 40E9 		0
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.traffichunt.com/adv_ret/?adv_pixel_id=535&nid=3
Requested by
Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5f049e462d2c8?iframe&ag_custom_domain=268783
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.138.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-138-195.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamesfromheaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:58 GMT
server
nginx
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
tag.php
main.exdynsrv.com/ Frame 40E9 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://main.exdynsrv.com/tag.php?goal=3498327ae8564a1191c4243b38616bf7
Requested by
Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5f049e462d2c8?iframe&ag_custom_domain=268783
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamesfromheaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:57 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
tag.php
main.exoclick.com/ Frame 40E9 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://main.exoclick.com/tag.php?goal=3498327ae8564a1191c4243b38616bf7
Requested by
Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5f049e462d2c8?iframe&ag_custom_domain=268783
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamesfromheaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:57 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
tag.php
main.realsrv.com/ Frame 40E9 		0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://main.realsrv.com/tag.php?goal=3498327ae8564a1191c4243b38616bf7
Requested by
Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5f049e462d2c8?iframe&ag_custom_domain=268783
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamesfromheaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:57 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
index.min.js
nextgencounter.com/ Frame 40E9 		645 B
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nextgencounter.com/index.min.js?pk=135245fd163282a65181f02743b60cc2
Requested by
Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5f049e462d2c8?iframe&ag_custom_domain=268783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.209.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c65084e8fffee537fd981f8b9cb2d9c79db4d1dd18adbc703b66d85bc735ed0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamesfromheaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Mar 2021 11:14:58 GMT
server
cloudflare
age
473
etag
W/"605487b2-285"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6U%2FNqQPr0aZEjJy7ZuOmDI5zh9AtXJIPpIHweHjF83G4FTUHw4XxZ8OohBK8C%2FImJb%2F%2FwJMC9Oq0nweKYDNrkxRSlizsUYPnbWrQpQDZC%2BLV0emu9AJVJ8B41iJi0Gy3cEHXYro%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68c624374e0905ff-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
stream_MayaHelen.webm
v.bngdyn.com/ Frame C617 		74 KB
74 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://v.bngdyn.com/stream_MayaHelen.webm
Requested by
Host: bngdyn.com
URL: https://bngdyn.com/promo.php?c=393610&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bchat%5D=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
4a31fde4428cf023b58d3532266088ba0700e381f480a7ab03b1e3b4bd463947

Request headers

Referer
https://bngdyn.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 10 Sep 2021 05:08:57 GMT
last-modified
Thu, 09 Sep 2021 20:04:53 GMT
etag
"613a68e5-12669"
content-type
video/webm
Content-Range
bytes 0-75368/75369
cache-control
max-age=43200
x-cdn-diag
fra1-11037-1-56389-h-0-0---;11015-6-1083----0-0-1
Content-Length
75369
expires
Fri, 10 Sep 2021 11:02:55 GMT
truncated
/ Frame C617 		21 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b336e72ade9127a8f50308df1bc4f5cd3a89482832cd0768802b4e63bf1b25e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
/
glitter.services.disqus.com/urls/ Frame 1798 		754 B
891 B 		Script
General
Check archive.org
Download Go to
Full URL
https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=mrhackerco&thread_id=8765559764&referer=
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
43776fbb10e0d3f88977275a438d8632a214216bb0cb43de094d599189632628
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
openresty
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
no-cache
transfer-encoding
chunked
X-Service
glitter
Content-Disposition
attachment; filename=f.txt
Strict-Transport-Security
max-age=300; includeSubdomains
Vary
Accept-Encoding, Cookie
noavatar92.png
a.disquscdn.com/1631056800/images/ Frame 1798 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.disquscdn.com/1631056800/images/noavatar92.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.a394e8c4e3eaa98fc6ab1dfa2e322bd4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
age
120652
etag
"60395f01-66c"
strict-transport-security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
content-type
image/png
content-length
1644
x-amz-cf-id
ubKt7S8KHZN03wtHnkGCYvstiRZR3eESttQGFhbt-8eu18LRqmHs4w==
expires
Fri, 08 Oct 2021 19:38:05 GMT
event.gif
referrer.disqus.com/juggler/ Frame 1798 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=1&embed_hidden=1&load_time=1701&event=init_embed&thread=8765559764&forum=mrhackerco&forum_id=5865020&imp=13sljhv1avj903&prev_imp&thread_slug=lockbit_ransomware_hacks_accenture_encrypts_2500_computers_steals_6_tb_of_data_and_demands_50_millio&user_type=anon&referrer=https%3A%2F%2Fmrhacker.co%2F&theme=next&dnt=0&tracking_enabled=1&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:58 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
dbs
yourfreecounter.com/ Frame 40E9
Redirect Chain
  • https://venetrigni.com/px.gif?akey=135245fd163282a65181f02743b60cc2
  • https://yourfreecounter.com/dbs?uuid=cdde324e-8ddc-477a-b23e-eb859b6ed965&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsgIjE1MyI6MTYzMTI1MDUzOH0sImFjY2wiOnsgIjIwLDEiOjE2MzEyNTA1Mzh9fQ.e...
7 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yourfreecounter.com/dbs?uuid=cdde324e-8ddc-477a-b23e-eb859b6ed965&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsgIjE1MyI6MTYzMTI1MDUzOH0sImFjY2wiOnsgIjIwLDEiOjE2MzEyNTA1Mzh9fQ.eZZDImZfNUmAfr_gEqAuixNYF_lyrU2YmTDjwhpN11Q
Requested by
Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5f049e462d2c8?iframe&ag_custom_domain=268783
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.0.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-0-34.eu-central-1.compute.amazonaws.com
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamesfromheaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:08:58 GMT
cache-control
max-age=0, : no-cache
server
nginx/1.17.6
content-type
image/gif
content-length
7
expires
Fri, 10 Sep 2021 05:08:58 GMT

Redirect headers

location
https://yourfreecounter.com/dbs?uuid=cdde324e-8ddc-477a-b23e-eb859b6ed965&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsgIjE1MyI6MTYzMTI1MDUzOH0sImFjY2wiOnsgIjIwLDEiOjE2MzEyNTA1Mzh9fQ.eZZDImZfNUmAfr_gEqAuixNYF_lyrU2YmTDjwhpN11Q
date
Fri, 10 Sep 2021 05:08:58 GMT
cache-control
max-age=0, : no-cache
server
nginx/1.17.6
content-type
image/gif
content-length
0
expires
Fri, 10 Sep 2021 05:08:58 GMT
pixel
fcmatch.youtube.com/ Frame E8BB
Redirect Chain
  • https://ejp.rlcdn.com/501709.html
  • https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCOrQ64kGEgUI6AcQAEIASgA
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM05YTUVaSVJnYUdDRW0yOEl3bkhfQm9mSnhJcDdUUG9nT0VtNk10NFlTOA==&google_cm&gdpr=1&gdpr_consent=CPLPDEMPLPDN_ADABCENBoCsAP_AAH_AA...
  • https://fcmatch.google.com/pixel?google_gm=AMnCDoqLAFIC07QedRlWSc6VLvL-OXxACOOsaeuCCyabf7TpkFjS81mPsdI-99QzrzhxL2Ayq1_-OD0k8cjb9mOgS3s9FoWGBe2xaWa3VKs1WBdiIIci-jSTnr0I095BLDnOs0pkSX2E8xpbCF5Ng1juNr...
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqLAFIC07QedRlWSc6VLvL-OXxACOOsaeuCCyabf7TpkFjS81mPsdI-99QzrzhxL2Ayq1_-OD0k8cjb9mOgS3s9FoWGBe2xaWa3VKs1WBdiIIci-jSTnr0I095BLDnOs0pkSX2E8xpbCF5Ng1juN...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqLAFIC07QedRlWSc6VLvL-OXxACOOsaeuCCyabf7TpkFjS81mPsdI-99QzrzhxL2Ayq1_-OD0k8cjb9mOgS3s9FoWGBe2xaWa3VKs1WBdiIIci-jSTnr0I095BLDnOs0pkSX2E8xpbCF5Ng1juNrdG2YMQ2w
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f14.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
fcmatch.youtube.com
:scheme
https
:path
/pixel?google_gm=AMnCDoqLAFIC07QedRlWSc6VLvL-OXxACOOsaeuCCyabf7TpkFjS81mPsdI-99QzrzhxL2Ayq1_-OD0k8cjb9mOgS3s9FoWGBe2xaWa3VKs1WBdiIIci-jSTnr0I095BLDnOs0pkSX2E8xpbCF5Ng1juNrdG2YMQ2w
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default

Response headers

content-type
image/png
date
Fri, 10 Sep 2021 05:08:58 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
x-frame-options
SAMEORIGIN
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

location
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqLAFIC07QedRlWSc6VLvL-OXxACOOsaeuCCyabf7TpkFjS81mPsdI-99QzrzhxL2Ayq1_-OD0k8cjb9mOgS3s9FoWGBe2xaWa3VKs1WBdiIIci-jSTnr0I095BLDnOs0pkSX2E8xpbCF5Ng1juNrdG2YMQ2w
date
Fri, 10 Sep 2021 05:08:58 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
403
x-xss-protection
0
x-frame-options
SAMEORIGIN
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel.html
live.rezync.com/ Frame FFE6 		507 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c13qqhh81vn9ssj&pctry=DE&referrer=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-87.lhr61.r.cloudfront.net
Software
lighttpd/1.4.33 /
Resource Hash
59b3665464a7aa2b8e7fc0972f99b7ad6ee06bcadbcd9f817eb927a5c931ddfb

Request headers

:method
GET
:authority
live.rezync.com
:scheme
https
:path
/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c13qqhh81vn9ssj&pctry=DE&referrer=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default

Response headers

content-type
text/html; charset=utf-8
content-length
507
date
Fri, 10 Sep 2021 05:08:58 GMT
server
lighttpd/1.4.33
set-cookie
zync-uuid=3d28bd07-47bd-4fd7-8c60-f4c910b7500f:1631250538.33; Domain=rezync.com; Expires=Tue, 08-Mar-2022 22:08:58 GMT; Path=/; SameSite=None; Secure sd-session-id=.eJwVysEKgkAQgOFXiTl7cPVSQgdLCaJRDC95kVqX3Cm3dNZCxXfPbv8P3wTlW3XN1ShjIbBdrxyQT70cQzBBpbntlwIp_Lat67X4mA0zwewAK2b9MqWu_nJ1WxR62ZAejg-MpE2iShd71y2azD_lNSUU2oLOlObx90JSYLRrUoo9HOMhyUOB473HEbcwzz_1gjJp.FBx56g.nytMRbRY8-AhoD6RQWMWV0_dykQ; Expires=Wed, 09-Mar-2022 05:08:58 GMT; HttpOnly; Path=/; SameSite=None; Secure
x-cache
Miss from cloudfront
via
1.1 c975be6c710711d2ced7184eca05c993.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-C1
x-amz-cf-id
J2jvl_MVM-QRaauh5rTvZDCoum36u81QKvINdRdZafxwbHo22H31hA==
/
io.narrative.io/ Frame 1798
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=1&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D1%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac13qqhh81vn9ssj
  • https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c13qqhh81vn9ssj
  • https://io.narrative.io/?io.narrative.guid.v2=344a5870-11f5-11ec-a833-0aa6849ebafd&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c13qqhh81vn9ssj
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=344a5870-11f5-11ec-a833-0aa6849ebafd&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c13qqhh81vn9ssj
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.127.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-127-107.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:58 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=344a5870-11f5-11ec-a833-0aa6849ebafd&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c13qqhh81vn9ssj
Date
Fri, 10 Sep 2021 05:08:58 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
/
io.narrative.io/ Frame 1798
Redirect Chain
  • https://io.narrative.io/?companyId=19&id=disqus_id%3Ac13qqhh81vn9ssj&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data...
  • https://io.narrative.io/?io.narrative.guid.v2=34452850-11f5-11ec-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac13qqhh81vn9ssj&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-h...
35 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=34452850-11f5-11ec-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac13qqhh81vn9ssj&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/malware/lockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom?feed_id=22863&_unique_id=613a15c110976
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.127.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-127-107.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=mrhackerco&t_i=mrhackerco-50640&t_u=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom&t_e=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_d=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&t_t=Lockbit%20ransomware%20hacks%20Accenture%2C%20encrypts%202%2C500%20computers%2C%20steals%206%20TB%20of%20data%20and%20demands%20%2450%20million%20USD%20ransom&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:08:58 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=34452850-11f5-11ec-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac13qqhh81vn9ssj&ret=img&ref=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom
Date
Fri, 10 Sep 2021 05:08:58 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
362358.gif
idsync.rlcdn.com/ Frame FFE6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=3855677395312443616
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=3d28bd07-47bd-4fd7-8c60-f4c910b7500f%3A1631250538.33&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc13qqhh81vn9ssj
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c13qqhh81vn9ssj
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKvgwWvqDwZsL_JTbrYdhgM&google_cver=1
42 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKvgwWvqDwZsL_JTbrYdhgM&google_cver=1
Requested by
Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c13qqhh81vn9ssj&pctry=DE&referrer=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.rezync.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 05:08:58 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 05:08:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKvgwWvqDwZsL_JTbrYdhgM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
fcmatch.youtube.com/ Frame FFE6
Redirect Chain
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=3d28bd07-47bd-4fd7-8c60-f4c910b7500f%3A1631250538.33&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab...
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871597498118008326
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c13qqhh81vn9ssj
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM05YTUVaSVJnYUdDRW0yOEl3bkhfQm9mSnhJcDdUUG9nT0VtNk10NFlTOA==&google_cm
  • https://fcmatch.google.com/pixel?google_gm=AMnCDoop-Osqe_5PPvoMRFYnA1mjG-yH-3zmOw4jXm6ICW3agxImjIG6vxq_z4pejSAuZ3KSwx--g9yZOGd41id-hGmkFJ24b78Taz6iMcjml7wfT_kwGI_YC-bMyP6eLsCHVyDckHfDBZKUMtqr3iWuus...
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDoop-Osqe_5PPvoMRFYnA1mjG-yH-3zmOw4jXm6ICW3agxImjIG6vxq_z4pejSAuZ3KSwx--g9yZOGd41id-hGmkFJ24b78Taz6iMcjml7wfT_kwGI_YC-bMyP6eLsCHVyDckHfDBZKUMtqr3iWuu...
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoop-Osqe_5PPvoMRFYnA1mjG-yH-3zmOw4jXm6ICW3agxImjIG6vxq_z4pejSAuZ3KSwx--g9yZOGd41id-hGmkFJ24b78Taz6iMcjml7wfT_kwGI_YC-bMyP6eLsCHVyDckHfDBZKUMtqr3iWuusvNbPZyPw
Requested by
Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c13qqhh81vn9ssj&pctry=DE&referrer=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f14.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://live.rezync.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 05:08:59 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Sep 2021 05:08:59 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoop-Osqe_5PPvoMRFYnA1mjG-yH-3zmOw4jXm6ICW3agxImjIG6vxq_z4pejSAuZ3KSwx--g9yZOGd41id-hGmkFJ24b78Taz6iMcjml7wfT_kwGI_YC-bMyP6eLsCHVyDckHfDBZKUMtqr3iWuusvNbPZyPw
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
403
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1x1.gif
i.jads.co/ Frame A320 		43 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jads.co/1x1.gif
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=929967
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:09:00 GMT
last-modified
Thu, 03 Mar 2016 18:47:18 GMT
etag
"1457030838"
x-hw
1631250540.dop123.am5.t,1631250540.cds294.am5.hn,1631250540.cds151.am5.c
content-type
image/gif
cache-control
max-age=24438725
accept-ranges
bytes
content-length
43
5f049e462d2c8
gamesfromheaven.com/iframe/ Frame 3AB6 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gamesfromheaven.com/iframe/5f049e462d2c8?iframe&ag_custom_domain=268782
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=929967
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.188.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
168d3a5bce5c4a490a26c7b925b3bb4139bb7922cccf93989bb21639c4d7ceca

Request headers

:method
GET
:authority
gamesfromheaven.com
:scheme
https
:path
/iframe/5f049e462d2c8?iframe&ag_custom_domain=268782
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://poweredby.jads.co/
accept-encoding
gzip, deflate, br
cookie
showed_14519_97035=[2475523]; c_e2ca205b02c8b9dcecd4d5fd536033be=1; z_1a221501de604814d3e9c4ce8ddfb42c=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://poweredby.jads.co/

Response headers

date
Fri, 10 Sep 2021 05:09:00 GMT
content-type
text/html
set-cookie
showed_14519_97035=[2475523,2478919]; Expires=Sat, 11-Sep-21 05:09:00 GMT; Domain=gamesfromheaven.com; Path=/; Secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlJbYs2Fn1LT46skP0qzYpl1d6dNRCpLbezhghpEQ8DYiR0byjwVR8MlUEGWWemxFQE%2F9LRdZwT4kqMLkP%2F9ZoQHovEo481LMKQ3IP8iWepMWaFc%2Fg9z%2FrC1%2Fph6ZB69phZF7yTv"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c624486bdc0682-LHR
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
a75a5653cced3bdfd3bc801497fd7022.jpg
iadoremakingpics.com/bnr/4/a75/a5653c/ Frame 3AB6 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iadoremakingpics.com/bnr/4/a75/a5653c/a75a5653cced3bdfd3bc801497fd7022.jpg
Requested by
Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5f049e462d2c8?iframe&ag_custom_domain=268782
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ccb8b728273d7978c4fedb046cc17b57b56ca9a72d3856cf0c73c91abf986a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gamesfromheaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:09:01 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 14 Aug 2020 14:39:08 GMT
server
cloudflare
etag
"5f36a20c-2901"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7v9X%2BM8GYMP4%2FI2aMIOK46wmVHbHgQDCbeY1X1q%2BPobzzraQyy4IspOmTxvoTAMqk7AFh92BYQlzqYaG0FaMVOit3T9df0Cku4UVtXJXWPa4%2Bj1EofW6M3Diy89tYzGKzISDJS15w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
68c624495828046e-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10497
expires
Sat, 11 Sep 2021 05:09:01 GMT
a75a5653cced3bdfd3bc801497fd7022.mp4
suchenachmuschi.space/bnr/4/a75/a5653c/ Frame 3AB6 		406 KB
407 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://suchenachmuschi.space/bnr/4/a75/a5653c/a75a5653cced3bdfd3bc801497fd7022.mp4
Requested by
Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5f049e462d2c8?iframe&ag_custom_domain=268782
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.10.141 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4b3ee25688f4da29301c6fe484534d560bc9a0ae5d6eace7dfd9772b6adcba4b

Request headers

Referer
https://gamesfromheaven.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 10 Sep 2021 05:09:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29656
Content-Range
bytes 0-416053/416054
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
416054
last-modified
Fri, 14 Aug 2020 14:39:08 GMT
server
cloudflare
etag
"5f36a20c-65936"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2ByW%2BBp5CgbFtZ6mvtWT4W7zA2VATwAciBqch2bQeYdtXSGELsT3v7XguGiUzy5KbPr0YIZ7Cn29uU33c2znboNLWDr4lluZBCoaumYlZqzcNC%2FDbYPKLKE2uGQJEQiecGY63LzSv3AA%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
cache-control
max-age=14400
cf-ray
68c624499afd3a41-CDG
1313463
ad.a-ads.com/ Frame F92F 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313463?size=320x50
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.18
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
8ab5b4b3594876882b6fd84659a12e6b08e65af7ade028fbf9bf9553e7ebda2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:09:01 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
1313465
ad.a-ads.com/ Frame 22A2 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313465?size=728x90
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.18
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
ce5e06b88f576dd0ddf5693390149a7264893d1bb9e5fd3285e8a64c3841794e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:09:01 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
1313462
ad.a-ads.com/ Frame 7A4E 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1313462?size=300x250
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/wp-content/plugins/boxzilla/assets/js/script.min.js?ver=3.2.18
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
4e8535a88d619b2912d96dbcc3d7cfc29b2fcee30cf338af808c41dfce0c0aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mrhacker.co/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 10 Sep 2021 05:09:01 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mrhacker.co/
Content-Encoding
gzip
photodune-6673623-the-guy-in-a-shock-s-900x506.jpg
www.securitynewspaper.com/snews-up/2017/03/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.securitynewspaper.com/snews-up/2017/03/photodune-6673623-the-guy-in-a-shock-s-900x506.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.249.236 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li259-236.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
514f323fe109cef487c2b95fb1f4343f78c62a62fc3119034c89e3319c8430b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:09:01 GMT
Last-Modified
Mon, 09 Dec 2019 07:28:16 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"7ead-5994056cc32b9;5cb8b05f75285"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
32429
04.png
www.securitynewspaper.com/snews-up/2019/06/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.securitynewspaper.com/snews-up/2019/06/04.png
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.249.236 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li259-236.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
22764d264c1229c0fb1a4b0bc9a3e060ed5f5122826f9534b9727def3aa39759

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:09:01 GMT
Last-Modified
Tue, 10 Dec 2019 08:29:21 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1425-599554f182dc8;5cb8b05f75285"
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=5, max=100
Content-Length
5157
01.jpg
www.securitynewspaper.com/snews-up/2019/06/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.securitynewspaper.com/snews-up/2019/06/01.jpg
Requested by
Host: mrhacker.co
URL: https://mrhacker.co/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.249.236 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li259-236.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
dc87a2ebbfcf0c3de9bf7006a3ef6dbd386a27454229d3ca84b2594389724cf8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:09:01 GMT
Last-Modified
Tue, 10 Dec 2019 08:45:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"2005-5995587bf03d5;5cb8b05f75285"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
8197
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210831&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
cafe /
Resource Hash
35de89dee1394636a8db134dc53a8da183ded23a5e21f362f385e7216acbaf22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 05:09:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8550
x-xss-protection
0
728x90
static.a-ads.com/a-ads-banners/118231/ Frame 22A2 		683 KB
684 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/118231/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1313465?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
52768beb6e9a4d1619ced6e98c515f416b23632839c8092d615f06513dc6146c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:09:01 GMT
Last-Modified
Sun, 26 Apr 2020 07:21:07 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
BRJ7JAZF9J6X0S6Z
ETag
"241238ff9e1a7f85dbec8aa10f72f723"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
699692
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
t6FJBbIGBKpJobE5rxtWIqCTMlD50_5h
x-amz-id-2
pCs/j+/m15HM0dWGV0DxygupxIqKCdhrFjlJ+qFDK1UyhzVMe1oRsdsI5FPjOBqbXVZylM5DhN8=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
320x50
static.a-ads.com/a-ads-banners/104027/ Frame F92F 		373 KB
373 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/104027/320x50?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1313463?size=320x50
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e745a4b8c4213f6338afe0d6ead6ee17214695dbe7b8484bda782e354898eba7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:09:01 GMT
Last-Modified
Sun, 29 Dec 2019 17:08:48 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
Y5J84B6T29CZ2J1S
ETag
"10a7cad61388558409287f70f1d9664a"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
381861
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
HbclI2UzmbOKfnhFR738tE92uH20fqdL
x-amz-id-2
L3RrI6I/jjEf9g4tjJH14sQY3OWH6i7uluekj4/Wyy5r9yGOQM3+MVMZOQXv9AgitG0CSO5oUsU=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
300x250
static.a-ads.com/a-ads-banners/103763/ Frame 7A4E 		686 KB
687 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/103763/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1313462?size=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2191d31c59541b9c44346fde06c4e0ea2900c7ff88d084e8871ef13d2daa1326

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 05:09:01 GMT
Last-Modified
Fri, 27 Dec 2019 12:20:30 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
KABEHRQ1R0MYNC07
ETag
"28dd56aa4c3448923f2e06f6f90e1017"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
702864
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
KIPQ8aj2AKbgfuqCDbQF8bZCjZrg7.Bd
x-amz-id-2
BUlWn2Qn8F+JEofbxpdJP1G4TJJsc2I0qe6uWV52n6CyEAYuPVsqKdWGLpv5LHq/mUmureAZzLA=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7952463575870072&plah=mrhacker.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.97 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 05:09:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 10 Sep 2021 05:09:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5DFB 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.97 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Sat, 04 Sep 2021 00:13:24 GMT
expires
Sun, 04 Sep 2022 00:13:24 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
536137
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D2D0 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.68 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
27e459bd7674abb381087be17491af2d6d9e207811985b3bc7a2aa0a828a6159
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Fk9f+VhAq/MFJBD5Q51h6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mrhacker.co/
accept-encoding
gzip, deflate, br
cookie
NID=223=GODKXjbpjGTtiM41LVIhx5V09KH8WulxjcgrY44gQxCDmxJVAyB0dTPEkGHvNIAnx2M3tLZrJrTYd7JLWckbhMVRd2lX4FLjxhjGOisiiUS_XcKTbY6_XtOw1V4A1lONnXj2_HyvXUOsLU810TMqqAwPPzdTveYP7qXoIwgtIEA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mrhacker.co/

Response headers

expires
Fri, 10 Sep 2021 05:09:01 GMT
date
Fri, 10 Sep 2021 05:09:01 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Fk9f+VhAq/MFJBD5Q51h6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
515
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js
pagead2.googlesyndication.com/bg/ Frame 5DFB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
sffe /
Resource Hash
5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 14:21:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
312463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13351
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 12:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 14:21:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D2D0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210831&jk=848426734558470&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=929973
Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=929956
Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=929979
Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=929967
Domain
syndication.twitter.com
URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1631250536934%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22no-results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%221890d59c%3A1627936082797%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22MrHackerCo%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22MrHackerCo%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%227f387e8%3A1629148491542%22%2C%22item_ids%22%3A%5B%221425447533598453760%22%5D%2C%22item_details%22%3A%7B%221425447533598453760%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| onbeforexrselect boolean| originAgentCluster string| et_site_url string| et_post_id function| et_core_page_resource_fallback undefined| $ function| jQuery function| gtag object| dataLayer object| adsbygoogle string| disqus_shortname string| disqus_title string| disqus_url string| disqus_identifier object| addComment function| ResizeSensor object| __twttrll object| twttr object| __twttr object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| monarchSettings object| NiceScroll object| jQuery112409984638888174766 function| retinajs function| _abort function| _error function| _start function| _process_inline function| _process_image function| _show function| _format_title function| _process_title function| _set_navigation function| _finish function| _preload_next function| _preload_prev function| _preload_image function| _draw function| _get_viewport function| _get_zoom_to function| _get_obj_pos function| _get_zoom_from function| _animate_loading undefined| fb_timeout object| fb_opts function| easy_fancybox_handler function| easy_fancybox_auto object| boxzilla_options object| Boxzilla function| disqus_config object| DISQUS function| disqus_recommendations_config function| addEvent object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| DISQUS_RECOMMENDATIONS object| gaplugins object| gaData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16312505367576 object| vglnk undefined| vglnk_16312505372647 undefined| vglnk_16312505373549

32 Cookies

Domain/Path Name / Value
.mrhacker.co/ Name: _ga
Value: GA1.2.1968935331.1631250536
.mrhacker.co/ Name: _gid
Value: GA1.2.2090274773.1631250536
.mrhacker.co/ Name: __gads
Value: ID=62e956b2dbc2738e-229e30700dc900ed:T=1631250536:RT=1631250536:S=ALNI_MY2iTg4EF9jcgheTyWZhd7kTIcqRQ
.disqus.com/ Name: disqus_unique
Value: 13qqhh81vn9ssj
disqus.com/ Name: __jid
Value: 13qqfm81p1p4so
.google.com/ Name: NID
Value: 223=GODKXjbpjGTtiM41LVIhx5V09KH8WulxjcgrY44gQxCDmxJVAyB0dTPEkGHvNIAnx2M3tLZrJrTYd7JLWckbhMVRd2lX4FLjxhjGOisiiUS_XcKTbY6_XtOw1V4A1lONnXj2_HyvXUOsLU810TMqqAwPPzdTveYP7qXoIwgtIEA
.gamesfromheaven.com/ Name: showed_14519_97035
Value: [2475523]
.gamesfromheaven.com/ Name: c_e2ca205b02c8b9dcecd4d5fd536033be
Value: 1
.gamesfromheaven.com/ Name: z_1a221501de604814d3e9c4ce8ddfb42c
Value: 1
.exoclick.com/ Name: goals
Value: a%3A1%3A%7Bi%3A48723%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222021-09-10%22%3B%7D%7D
.realsrv.com/ Name: goals
Value: a%3A1%3A%7Bi%3A48723%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222021-09-10%22%3B%7D%7D
.exdynsrv.com/ Name: goals
Value: a%3A1%3A%7Bi%3A48723%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222021-09-10%22%3B%7D%7D
ads.traffichunt.com/ Name: new_adx_profile_guid
Value: 159370b0-8c68-4308-862d-427299af667e
ads.traffichunt.com/ Name: new_3.adx_rt_0
Value: 535
ads.traffichunt.com/ Name: new_3.adx_daily_rt_0
Value: 535
.rlcdn.com/ Name: rlas3
Value: VyRt8dtJMfQds147v1PiS9S7RuzBZt0YZCw701Rm9zY=
venetrigni.com/ Name: uid_id2
Value: cdde324e-8ddc-477a-b23e-eb859b6ed965:3:1
venetrigni.com/ Name: ak
Value: 153,1631250538
venetrigni.com/ Name: acl
Value: 20,1,1631250538
io.narrative.io/ Name: io.narrative.guid.v2
Value: 344a5870-11f5-11ec-a833-0aa6849ebafd
.rezync.com/ Name: zync-uuid
Value: 3d28bd07-47bd-4fd7-8c60-f4c910b7500f:1631250538.33
live.rezync.com/ Name: sd-session-id
Value: .eJwVysEKgkAQgOFXiTl7cPVSQgdLCaJRDC95kVqX3Cm3dNZCxXfPbv8P3wTlW3XN1ShjIbBdrxyQT70cQzBBpbntlwIp_Lat67X4mA0zwewAK2b9MqWu_nJ1WxR62ZAejg-MpE2iShd71y2azD_lNSUU2oLOlObx90JSYLRrUoo9HOMhyUOB473HEbcwzz_1gjJp.FBx56g.nytMRbRY8-AhoD6RQWMWV0_dykQ
.adnxs.com/ Name: uuid2
Value: 3855677395312443616
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNrQwNzS1NDextDA0tDAwsDA2MhPiM9R193Ipj4rwzg6pTDKW4jU0MzY0MjUwNbYwMTcBACGzLqw0AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNrQwNzS1NDextDA0tDAwsDA2MhPiM9R193Ipj4rwzg6pTDIGAPTSgQ8lAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAAAAXByRHAMAgEsE_aIbNcBrsczFBIKo_0PaItWY0gi2qy6aC8CzR2N6PCgTm8lMXhmq_qD17VbhA1AAAA
yourfreecounter.com/ Name: uid_id2
Value: cdde324e-8ddc-477a-b23e-eb859b6ed965:3:1
yourfreecounter.com/ Name: ak
Value: 153,1631250538
yourfreecounter.com/ Name: acl
Value: 20,1,1631250538
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAEXHuxWAMAgAwAmsMgd5fANxHMJjIEuntfS6ewZLcWShg3oWaJdDnIXQejZhuiH2TUuIDU1iirzj-r90f9HwD6FFAAAA
.rlcdn.com/ Name: pxrc
Value: COrQ64kGEgUI6AcQABIGCLrqARAAEgYI96ArEAASBgi/tisQAA==
.doubleclick.net/ Name: IDE
Value: AHWqTUmKNwHB2D3NDrVA_SKDzxiPwHFJLnDZ9fImd9M-hpBfEVMySseIctxuuCgazHA

15 Console Messages

Source Level URL
Text
network error URL: https://ad.a-ads.com/1313462?size=300x250
Message:
Failed to load resource: the server responded with a status of 577 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=8044118461&adk=811018034&adf=1871615875&pi=t.ma~as.8044118461&w=691&fwrn=4&lmt=1631250536&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250535716&bpp=4&bdt=367&idt=317&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8401989024828&frm=20&pv=2&ga_vid=1968935331.1631250536&ga_sid=1631250536&ga_hid=449819189&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C44748552%2C31062297%2C31062093&oid=3&pvsid=848426734558470&pem=534&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=r7xazUzUtV&p=https%3A//mrhacker.co&dtd=339
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=5536279749&adk=689529487&adf=455737603&pi=t.ma~as.5536279749&w=691&fwrn=4&lmt=1631250536&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250535720&bpp=1&bdt=372&idt=345&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C691x173&nras=1&correlator=8401989024828&frm=20&pv=1&ga_vid=1968935331.1631250536&ga_sid=1631250536&ga_hid=449819189&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=2241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C44748552%2C31062297%2C31062093&oid=3&pvsid=848426734558470&pem=534&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2LKuD8oO7d&p=https%3A//mrhacker.co&dtd=349
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5067788462868168&output=html&h=173&slotname=5536279749&adk=215508481&adf=3059167356&pi=t.ma~as.5536279749&w=691&fwrn=4&lmt=1631250536&rafmt=11&psa=0&format=691x173&url=https%3A%2F%2Fmrhacker.co%2Fmalware%2Flockbit-ransomware-hacks-accenture-encrypts-2500-computers-steals-6-tb-of-data-and-demands-50-million-usd-ransom%3Ffeed_id%3D22863%26_unique_id%3D613a15c110976&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631250535721&bpp=2&bdt=372&idt=367&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C691x173%2C691x173&nras=1&correlator=8401989024828&frm=20&pv=1&ga_vid=1968935331.1631250536&ga_sid=1631250536&ga_hid=449819189&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=132&ady=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C44748552%2C31062297%2C31062093&oid=3&pvsid=848426734558470&pem=534&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ixitt2xcEt&p=https%3A//mrhacker.co&dtd=381
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.effectivedisplayformat.com/aed0e75d8283c027969e406e45c6eca3/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.effectivedisplayformat.com/6cc0003302752de793ff29e3ffcd55ae/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.effectivedisplayformat.com/08e05c122e61643b93987276460d346c/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.effectivedisplayformat.com/ce837432d89888a9cd410c058aadeabf/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.effectivedisplayformat.com/e3f31de3ba73aad193bc6d6123925a0d/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.effectivedisplayformat.com/5443e680fc84477d90d46ca506b1db43/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.effectivedisplayformat.com/09b4c663c359aa4550e8776a006e591a/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.effectivedisplayformat.com/bd767f2ee1885c1d7fb4ba5e5953d89d/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fmrhacker.co%2Fwp-content%2Fuploads%2F2020%2F04%2Fhow-to-get-windows-10-2004-release-preview.jpg&key=VkcfeckCrYChI1IL-3gBzQ&h=200
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1425447533598453760&lang=en
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://fcmatch.youtube.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
accounts.google.com
ad.a-ads.com
ads.traffichunt.com
adservice.google.com
adservice.google.de
adsxyz.com
apis.google.com
bngdyn.com
c.disquscdn.com
cdn.syndication.twimg.com
cdn.viglink.com
clipsex.online
cm.g.doubleclick.net
connect.facebook.net
disqus.com
egirlgirl.com
ejp.rlcdn.com
fapbest.com
fappinghd.com
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
gamesfromheaven.com
glitter.services.disqus.com
googleads.g.doubleclick.net
i.bimbolive.com
i.bngdyn.com
i.jads.co
iadoremakingpics.com
ib.adnxs.com
idsync.rlcdn.com
io.narrative.io
jav1080.com
javbest.co
links.services.disqus.com
live.rezync.com
main.exdynsrv.com
main.exoclick.com
main.realsrv.com
mrhacker.co
mrhackerco.disqus.com
netdna.bootstrapcdn.com
nextgencounter.com
noticiasseguridad.com
nude-hot.com
null88.com
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
phancongkhanh.com
platform.twitter.com
pornbebes.com
porns.photos
poweredby.jads.co
referrer.disqus.com
secure.gravatar.com
sex4viet.com
ssl.gstatic.com
static.a-ads.com
suchenachmuschi.space
syndication.twitter.com
thesexscene.com
tongdongkhue.com
tpc.googlesyndication.com
v.bngdyn.com
venetrigni.com
www.effectivedisplayformat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.securitynewspaper.com
xdultchannel.com
yourfreecounter.com
poweredby.jads.co
syndication.twitter.com
104.16.164.13
104.18.10.207
104.21.10.141
104.21.17.100
104.21.235.51
104.21.25.241
104.21.4.127
104.21.57.135
104.21.64.18
104.21.65.147
104.21.69.42
104.21.88.2
104.244.42.72
142.250.74.109
142.250.74.110
142.250.74.131
142.250.74.138
142.250.74.142
142.250.74.2
142.250.74.46
142.250.74.66
142.250.74.68
142.250.74.97
142.250.74.98
151.101.112.134
151.101.112.64
151.101.114.49
151.101.192.134
172.217.21.163
172.67.130.190
172.67.137.143
172.67.147.50
172.67.164.36
172.67.188.117
172.67.198.237
172.67.199.92
172.67.208.52
172.67.209.21
172.67.213.190
172.67.213.203
173.255.249.236
185.33.221.90
185.60.216.19
185.60.216.35
185.75.253.85
185.94.236.245
192.0.73.2
192.124.249.55
192.229.233.25
192.243.59.20
193.0.160.128
195.85.23.226
213.239.209.209
216.58.207.232
216.58.211.2
3.120.0.34
3.233.138.195
34.250.127.107
35.244.174.68
63.33.81.89
66.254.122.19
66.254.122.38
69.16.175.42
93.184.220.70
95.211.229.245
95.211.229.247
99.86.116.33
99.86.116.87
002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0683a1add44ec1b469bed17240e847c6b1bf0746e7ee287f9b9b33cb5adbf8fc
068db852edee183ad9ce57a9083bde719def67ee45a212820ce8b1647f215d82
07aa1437b73b702e4fd27db55e676455653762882c782440309ba4534050928a
090b57d2ba8067994e94dadb6fea5c934c4bd4c38f516c9e7fc29dd8387d5d88
097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52
0a92d224a35aab3de7aa661df5c11272eea7f7fc8065230cf6b221a2e4961c31
0b56ce20fe245aec9d7edace03deb7971d8be11bfbe723305347c1cd67622a3f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cab8671024e27265f5d37739d64ccfd8417d3a1326cd85e578a2ca7280ecf0d
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
1073028375c8b5a26f7ee83338cacaffd4ee613c995b18881fcf659ee5d6ed72
11358d2115817389c001cc4e11e470ded0caa3999b0cc923c4c7c1459d36c345
11358fd75b1d5fcbf8a97a510154f3580857fc9c0997827b59afb59224feec66
1188fdbd16b9defbef3b6fc886dad69a800436bd8fe0b8cf4ca8bf4d5caae51b
11f4e5be19e8e69a1ade5739ea0eb588f315ab34ca8a65bf3cd72b31121aa65e
12f6bc9b28e5238dbfcf8d8b3027024e97e1c92888e387aa57808e282528256c
14ee10387bd3e877794228db2892115d6be65ed86de5da64dd94a66710418ac2
1520a035130dd251491a4d3a225f9df6b4614e5e734f207afba4ab643c2bc46f
168d3a5bce5c4a490a26c7b925b3bb4139bb7922cccf93989bb21639c4d7ceca
189f9e055dd25823d14b06678036d41865d143d8ca4813fe97c08db4eb21e851
1a9b2621dcaa88ed6a5d03a96cf38e466a9c2928e5fae60b5b977a33f8b63460
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2191d31c59541b9c44346fde06c4e0ea2900c7ff88d084e8871ef13d2daa1326
227365258106f73bc8761237c88b38ffbca65361aa95b865709657406eae1459
22764d264c1229c0fb1a4b0bc9a3e060ed5f5122826f9534b9727def3aa39759
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba
23784bc09df3bf670e055d89cac3953bec965fd2798e7ceea9bc0751f8c3f7c8
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26d788a2a593ee53a9126a76e00b1085b83c238ac207d89666ab75f855231f14
27e459bd7674abb381087be17491af2d6d9e207811985b3bc7a2aa0a828a6159
27f4119ce2d66a40ef8beba62ec4d995e95af50550c6d4471eec9eb27fa73774
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758
2f826a947a47c13c4af480b9b7853e9ca12d2873c67a9200f3c7a26f8cacae2d
305daef39f0eeb367fac9fed5f4ecdd67cc9fcce8b0b5e90484c4fffa6a5444e
32f8437db532ec8fb7949817d8d92680900c2895ff942e227b4bf8cfa512bce9
34be9c92d57ca29addff71fb9cd4e9b8dc985bb5efa65bb1d44741b78913d004
34eef18721ad9fb3e5cd9a4b1cf747ae67779d00ba8dd543683abcab5612e097
35de89dee1394636a8db134dc53a8da183ded23a5e21f362f385e7216acbaf22
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
383576f16a9b11bf23ca3df7a5357f7765a9842fb9f9a31bcaca3e2faf28b01c
3a923c50c91e0fb7b1ff0b2806fa088087b441339c15fda5747dcde2eb4ae112
3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa
41faa68378a6c68e19722b376992653598878b6633da16992e9d66a4fb15ef3b
421f720278f84ac7e6429333b96f14f94756b1f0343f0236fac7307bac68b718
43776fbb10e0d3f88977275a438d8632a214216bb0cb43de094d599189632628
443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0
45458c5cfa0ae1e6992b40d920661a7107510f24e5c96f4b2f160d9939d946d0
460ae51398ed855ccda6738a02de06edc882e5d85f643d3d793fee9bda6e9781
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a31fde4428cf023b58d3532266088ba0700e381f480a7ab03b1e3b4bd463947
4b3ee25688f4da29301c6fe484534d560bc9a0ae5d6eace7dfd9772b6adcba4b
4b70365b09badf5fceb9effc21b9cca9d19e08b0045fc0ebcaf5765293b2518d
4e8535a88d619b2912d96dbcc3d7cfc29b2fcee30cf338af808c41dfce0c0aa3
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
514f323fe109cef487c2b95fb1f4343f78c62a62fc3119034c89e3319c8430b6
51efcb98223b7a4f4e1553657b36fd2322014e2c60e3e015c8b8221f8622b31a
52415b65b808c23ba1578c46b4b397fdaa4f979c8ae04dc1bd2b9cd96d4230fb
52768beb6e9a4d1619ced6e98c515f416b23632839c8092d615f06513dc6146c
52a8bee8ad55a81a540948453532cfe99bd335109c6098a801fef8590fe38d58
553d3982d9f510a165f384512122570431df82d015502771e79b9823a805d94f
559149eca12826b13e46d3b01956720158b017d1f8e1258a722a2a74be579bfb
56d004e162b49ddf2cf14350bf7ceaaac4fc2c6e25821a7803ff14760d3238ff
59611414404075b2acabb597d983e323859932efab7ef0cdd45cb25b5bc87c86
59b3665464a7aa2b8e7fc0972f99b7ad6ee06bcadbcd9f817eb927a5c931ddfb
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2
65374b2938dd614dff5073c58272259c9d1b3f966f25ed74b5c619360d6b3b51
65b339a1ec226f403a6d36d71fe4f07d053c2477ea3a4df18e2f00062487ffa9
65b6121a4267cf53a8d9446dbc4c346131d0941463e2f3b1fef9e2d30515cfab
669e9517e16de747cabb78e5c73ef45830054a806170f37801841ed5b3b6689a
66adfd9392bf49bf0157e17151474cb7c64ea79f69c4ddb49222a31e85ec316c
676311b41a8a21162d8187ce2b2ecb7c652888635cc52967a9aabff9ef583d2b
6ea5ae441130287eb5d58aebb3425bd80c9836d3c51e5e04e293cae2188b1bae
71f6ddf045f219694a515f6a9cbd397947150d872f33c9f03b7629d6f8b45c6d
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
735390a173579c143e2936e08e55c4d274a0bd12a4417a76a5a46dc399c47b2c
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068
781e8f9c4513bc8da98aa3ff8d846d03a0727bde47ee00002d2de1c1f70cf6e4
7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62
79eb1ccf87901ad706bb4f22a63f4d746cb05bbf4851c94a3049e795026e5ae1
7c1126ba3c8459e96c3dadc0b6f01a31471704719b1a5385ed68f45b046202f4
7d4b3a4f9354edb633ee8ddd2d2ebd899c0bbd17c93740c802bc9e5bf19508a7
7dc4b00a447f3c4957f8736c6dbdf57ac5354034a68ca765c96e95f9f3a1f97f
7f7e5b7357faea48e8742fb8535313bd5f478e1b9947bc15644ce183d56dc9d7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87e5e6d5eea4dd359d5653e1e448a52c6ea8405acf6c97fc44d50aa6ec48bfc3
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ab5b4b3594876882b6fd84659a12e6b08e65af7ade028fbf9bf9553e7ebda2b
8b336e72ade9127a8f50308df1bc4f5cd3a89482832cd0768802b4e63bf1b25e
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
8dedd8362bb42b3e64a65b7bc88013fd669da19133f0f63e930f0c8c86681b7e
8ff3c131212b8c54e4fef81437dd815acba30e979a4e811a5a1174250e548bcb
92c35f839d90ea55730d05ce3ea859cb598cd85eb20be3ed55621bb8baa3aa36
93e18f2f4e1a2af8839f0ee4900990890090742ac52482ea811f1fe41ef5556c
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
95ca28dd8b7551c6f06b09458b7b5561513904c23be68308603ca6b3bcdb5960
9a0b62a92405861d9aaeb606df809f7d34bae0909a8119a832a1c016a53dd05c
9b9a4658a4912f98669a0f59f3421556b3246714cf9e6ff92dc3da6274502156
9c65084e8fffee537fd981f8b9cb2d9c79db4d1dd18adbc703b66d85bc735ed0
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a0e15885d6d7e1694c5d7cdaff3ed800baabe7359ddf0e70f632b903ec624fb9
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a68091c3a89ef3d42bdf172776721fade92cbc1bf09821205f1a2370a3f7c3a9
a7733d7cdf5627664c2672c9101d56d3c6e7f5351fe10353a25dea90eb3fd2ca
ae33dd22d81c7494fa59404d4dcb6e28dd2bc0346494efde5bbc630301d1592a
b4a93a49f6b768b5d56d664aa9ccbb4f7d88b875e530987d54ad4e4e730a73a9
b4b322a1c204d7612c309926c7f9eb95d2c87a7ed5dcfa40ccb9ff633b476d70
b542515c8f52eb2cc95d68394c22dd042c35378cff42b0ca5da6d8413da3cb82
b61df0fc2c152857b8b8a83ba6cd2090d8aadca63d178fcfc7c3348c517a5861
b67e9019d75fc80b850ab52c79662b61c6bdfc9e867dc1c1d7977d942bc7387d
b6c2d3cc3702ab23f4506b462453061f9d60de48b5b60a8925f0adf963da1513
b81d1d6dc8129dde051254463257a664dfe1bb49b78f0f4cd37dafbb3f960f93
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb776e4e7499c2a01783aaeafd98641ea731c2d2da8ed9bb20cef55cd50b863b
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
bfe1c96d2b61be1e17839f9e3d734ba10701c7be4a38faff1a63f4aedc3d31de
c0031b846a33ee48076df78f553b3bf781730ab73b51b3df7861e43313d432af
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c5b8a61b7114f9131b2c26131527d5ea955e8fc57c3989b92f7ab781473db139
c60dfaf4d68247d23d28f56642945518dc7481ce4fba6b1f908857f497a4c614
c6ccb8b728273d7978c4fedb046cc17b57b56ca9a72d3856cf0c73c91abf986a
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c953490be90a1e661e731eed1b5b5b07d20a3d23806cc81d641c383e99422c2d
cab3b4e75061cdaa9d44dab3127b8b80cfbfa9036146b8cd2f588435b29f89bd
cbb4b54f81e10523ab2e3138026274e620e4012abca57c6ed139670cbcd910fd
cc47b311008446f1f495cce46ca9ae76aceac910b9c5bd0951fdf6695b4eaca0
cd132cc11b4c3feea41adf4d06a10f935dc9bf596dfa23d6f48ccb8fe2d44bb8
ce5e06b88f576dd0ddf5693390149a7264893d1bb9e5fd3285e8a64c3841794e
cedfbfa784fad02997626a083882aa3a2765c5f5909fba298d9e08b01b375de3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7ffb56cda8d58d7a7783e442a5729573c7e5d7098785c9a6cb382f2a772b56
d14249854f89bfc3d438d887833ac7ec8f86f7070a683454e325d3b54810ce11
d3da3d9c5107d1f74c868fe1c412db3cfc9093693716a22756747a3c892cf5e1
d42bb63e3b2715e5c23c160d1c93e069034c282c7650cf8b074b35251097fb95
d442a258b5c4a8b1cdb3a8e5a7c15af9b42de3c74e33e65613a56a99a7ab057a
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
d9af9b17fec1a186ac65e5d549eceff91d096eee4d0cefe7e6ab9f14ce915357
db1b8da1dada254a423ac3fb0b3bf4b0dd8ffd3b6aad429bdc5aef431d3de557
dbe803bfa44254eeac3ce0060cf7b364c1437c8230839511fa2c038632f2ab4e
dc87a2ebbfcf0c3de9bf7006a3ef6dbd386a27454229d3ca84b2594389724cf8
dd819f8eba0b56e52c8583bf1db1b5bbeec52504bef12ef0b325013b68977901
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64
e16ed299b472d3f09c1fecfb67a63c435bfabd6e582f5b4d6703cd7030fc6701
e2e1b64507c8e03581b958717b74ea4f9df546187e1477ff33f2ad65dbdfcb16
e32c2b4173888243555c41b68a80f48a4aa18847d10a465c029db6042d52ea5c
e33ab36f8dd445e60f43e39b3a4d37f0eeb91647d65a665e0e1cf15d5a76b91c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4503a46dd63eb6398899345e1cf979d0aeb0dedfe051fc6cd213a69d67ddcc9
e5e71fa614171fdf7f3eee87e6198d233232fe2d73e7cc75cb30722c00000738
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197
e745a4b8c4213f6338afe0d6ead6ee17214695dbe7b8484bda782e354898eba7
e7fecca72827ce8c5a96210fa24127e276ddbd52856b9e07a1c51752e111691c
ea5bb79665ee9cab463d102ec757ae3028aab2c32267326aeb6c1a8aa978cc4f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f122aaa855dbb3f7cf5a05368fbdcc7ddd86b4a7a56f1514f1944bbde684111d
f154ad0a779cdcbfe1cb4e5df7f12695b16ed0839247ae9622663c3859e20ec8
f2bd3b8efd0335c133b5427ed54e08d10a89f13714e22916fe79219a1a1f3150
f2f7c7d3f411947762dedb0f0557a9eba5d8fbfdce49a3ed2b8794a9fcec544b
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc
f493c9cdcc3bd4b86124a98a6da5f57a04d38a46fc748116bb744064b001532b
f64f60433b4f5da1b4da833c5107f1706b4dc066e99c0e77be10c8347357c6bd
f820d93daf383e178bda2912f5bee00e90e56390597820622643fa8e5e487143
f9a2ec5686fc3117ac1e9f72901822e7923dee2adc4f02157b6f05a20b2a596c
fb81d4108d1a485047b260bd9736c2c8ef105b1f56ead03c7d7f2a8811b3a6bc
fd110802bfc94a315236b952fc20ee920c1cf886b9526ffad1ee4ff9057d2394
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ffad8419f85c15cf2cc8ae98d79e4c1c395ec6491924ae92900d223131a50175
ffe4bb4cb364bdafa7922232219191f095cf7ff16ad22b9b679c284632248165